Top Ten Technology Risks for 2021

The United States has been dealing with the Covid-19 pandemic for about a year. In February/March 2020, many organizations sent most or all employees to work from home due the pandemic. It has been a year of disruption and change in how we work, and a year of increased risk to organizations as a whole, including technology-driven risk.

In the fall of 2020, ISACA and Protiviti conducted a global survey of almost 7,500 IT audit and risk leaders and professionals to gain their insight on some of the biggest technology risks their organizations will face in 2021. The organizations surveyed were broken into two groups: digital leaders and other organizations. Digital leaders were identified as organizations who claim to either have a proven track record of adopting emerging technologies or disrupting traditional business models; have digital aspects of strategic plans in place that are managed quantitatively or continuously improving; and have enabled high levels of process optimization or innovative and disruptive technologies.

The top 10 technology risks for 2021 were identified as:

  1. Cyber Breach
  2. Confidentiality and Privacy
  3. Regulatory Compliance
  4. User Access
  5. Security Incident Management
  6. Disaster Recovery
  7. Data Governance
  8. Third-Party Risk
  9. Remote Workplace Infrastructure
  10. Availability Risk

The top 10 list of risks is similar for both digital leaders and the other organizations. The biggest discrepancy is regarding cloud strategy and adoption. While digital leaders are highly concerned with this, other organizations are not. This stems from digital leaders moving more processes and systems into the cloud and preparing for the future. It should come as no surprise that there are inherent risks any time you introduce new technology solutions. With this, cyber breach is the top technology risk for 2021, so identifying the risk of exposure remains ever so critical. In a year where the majority of office workers may continue to work from home, it remains critical for organizations to continuously assess, monitor and effectively manage technology risks.

Risk Assessment Frequency

Assessing risk is a very important part of any organization’s security, especially in today’s technology-driven work environment and in the midst of a pandemic. Of the organizations surveyed, 92% claim to assess technology risk in some capacity. The frequency of risk assessments depends on the type of organization. 49% of organizations who claimed to be digital leaders identify and assess technology risk on a continual basis (more than monthly). Only 24% of other organizations continually identify and assess technology risk. 41% of other organizations (not digital leaders) identify and assess technology risk on an annual basis.

As expected, some organizations are beginning to adjust how often they are assessing risk due the challenges of the pandemic. Of the organizations who completed risk assessments, at least a third (41% of digital leaders and 34% of other organizations) claim that pandemic-related disruptions and changes have caused them to adjust the nature or frequency of technology risk assessments.

Managing Risk

Of all industries and regions, Cyber Breach was either the first or a top 3 technology risk identified.  Confidentiality and Privacy, Third-Party Risk and Security Incidents all were near the top as well. Organizations need to be able to manage and assess risk in order to protect client, employee and third-party data. All organizations should conduct a technology risk assessment on at least an annual basis or more frequently as their technology landscape changes or new systems are introduced. As evident in the survey results, these assessments are starting to occur more frequently for more technology-focused and technology-reliant organizations.

How Can Schneider Downs Help?

Schneider Downs IT Risk Advisory practice can help conduct an organization’s technology risk assessment and assist in performing third-party risk management, as well as perform privacy assessments such as GDPR compliance and gap assessments. Schneider Downs Cybersecurity team can help with preventing and responding to cyber breaches and incidents. To learn more about our Risk Advisory and Cybersecurity services please visit www.schneiderdowns.com/risk-advisory-services and www.schneiderdowns.com/cybersecurity

If you specific questions please feel free to contact the team at [email protected]

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2021 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
Guidance for NERC-CIP-013-01 Compliance
The American Families Plan – Proposed $1.8 Trillion Spending and Tax Plan
The Restaurant Revitalization Fund – Part II
Ransomware Groups Attack Washington DC Police and QNAP Clients
Contractors’ Expectations Continue to Rise
Controlled Unclassified Information: Labeling Requirements for CMMC and NIST 800-171
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us
Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

[email protected]
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

[email protected]
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102

[email protected]
p:571.380.9003