Blog post

Cyber Risk, Digital Risk and The Digitalization of Risk Management

By John A. Wheeler | November 25, 2020 | 0 Comments

Tech and Service ProvidersSecurity and Risk Management LeadersLegal and ComplianceIRMintegrated risk managementDigital riskCyber riskAudit and Risk

What’s in a name? For Shakespeare’s Juliet, not much. However, for security and risk management professionals it can make a huge difference.

Take for example the terms cyber risk, digital risk and the digitalization of risk management. While cyber risk and digital risk are often used interchangeably, the digitalization of risk management is not as widely used, but perhaps should be. To demonstrate the critical differences, let’s see how Gartner defines these 3 RiskTech terms.

Cyber risk (aka cybersecurity risk) is the risk associated with cyber threats emanating from the external cyber environment (see Cool Vendors in Integrated Risk Management).

Digital risk is associated with the risks inherent in digital products, services and supporting processes (see Emerging Technology Critical Insights: Digital Risk Management).

Digitalization is the use of digital technologies to change a business model, provide new revenue and/or value-producing opportunities; it is the process of moving to a digital business (see How Digital Product Management Unlocks Opportunities for New Value Creation). Thus, the digitalization of risk management is the use of digital technologies to modernize the discipline of risk management to create value-producing opportunities.

Viewed together, the three terms represent key aspects of integrated risk management (IRM). In particular, digital risk management (DRM), an emerging IRM use case, integrates views of strategic, operational and technology risk associated with digital products and services.

However, DRM should not be confused with the digitalization of risk management. While related to DRM, the digitalization of risk management simply enhances the ability to analyze both cyber and digital risks (as well as other risk domains such as environment, health and safety – EHS) through autonomous digital technologies (see figure below).


Digitalization of Risk Management


As corporate boards and senior executives increasingly look to digital business as a means to recover from the COVID-19 disruption and grow, the digitalization of risk management will be essential. Through the use of robots, drones or other intelligent technologies, companies can transform their risk management discipline into a value-added function by optimizing spend, increasing safety as well as protecting the health of employees and customers.

Stay tuned for more research on the digitalization of risk management as well as digital risk management. Both are hot topics for our clients and will continue to drive demand for risk management technology in 2021 and beyond.

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed