DRMI-logo-1000

Business Leaders, Digital Risk Officers, and Security Executives To Collaborate on Decision Making Framework

 

Washington, DC – November 24, 2014 — Responding to increasing cyber threats having a significant impact on the business, the Digital Risk Management Institute (DRM Institute), a not-for-profit organization, has been formed to identify and communicate best practices for managing digital business risk.

Led by business executives, risk officers and security executives, the DRMI’s mission is to define a decision-making framework that creates and sustains business value by balancing the need to protect the organization with the need to run the business. The Institute’s objectives are to publish a generally accepted set of digital risk management best practices and facilitate benchmarking by digital risk officers against those practices.

Digital risk management is the next evolution in enterprise risk and security for digital businesses that are expanding the scope of technologies requiring protection. Gartner estimates that by 2020, 60 percent of digital businesses will suffer major service failures due to the inability of the IT security team to manage digital risk in new technology and use cases.  IT, operational technology (OT), the Internet of Things and physical security technologies will have interdependencies that require a risk-based approach to governance and management. 1

As a result, more than half of CEOs will have a senior “digital” leader role on their staff by the end of 2015, and that by 2017, one-third of large enterprises engaging in digital business will also have a digital risk officer (DRO) or equivalent. DROs are inherently separate from IT and focus on managing risk at an executive level while collaborating closely with critical business functions such as legal, privacy, compliance, digital marketing, digital sales and digital operations.2

 “As the ability of large organizations to effectively prevent digital attacks and minimize impact on its business continues to decline, building a business case for IT security is now shifting towards Digital Risk Management,” said Naeem Musa, Chief Information Security Officer at the U.S. Commodity Futures Trading Commission. “As a member of the DRM Institute, we are adamant in our belief that a consistent, unified approach to measuring and managing digital risk has the potential to deliver cost efficiencies and greater risk assurance for business processes than the fragmented approach currently in place in most large organizations.”

“We are creating the Digital Risk Management Institute to develop a set of best practices and common knowledge for digital risk governance and management,” said Nicola (Nick) Sanna, President of the DRM Institute. “Until now, business executives, risk officers, CIOs, and CISOs have had no definitive source of applied knowledge on how to manage digital risk from the business perspective. We will provide a forum for knowledge sharing and a platform for business-focused executive education and collaboration.”

For information about DRMI membership, activities and events, please visit www.drminstitute.org.

About the DRM Institute

The Digital Risk Management (DRM) Institute is a nonprofit organization led by business executives, risk officers and security executives to analyze digital failure scenarios, create standard DRM knowledge, and promote best practices for managing digital business risk. Our mission is to serve our members and our profession by defining a decision-making framework that creates and sustains business value by balancing the need to protect the organization with the need to run the business. The Institute’s objectives are to publish a generally accepted set of DRM knowledge and best practices across various industries and facilitate benchmarking against those practices. For more information, visit www.drminstitute.org or follow us on Twitter at https://twitter.com/DRMInstitute.

###

  1.  “Innovation Insight: Digital Business Innovation Risk Will Bring About the Rise of the Digital Risk Officer” Published June 18, 2014 by Gartner analysts Paul E. Proctor, Earl Perkins, Andrew Walls
  2.  Gartner 2014 CEO survey