IDEAL RESOLUTION: ARBITRATING TECH SECTOR DISPUTES

Technology and communications systems are vital components of any organisation’s operational muscle. This essential machinery presents both opportunities and risks in a world of constant innovation and change.

In the tech sector specifically, opportunities and risks are plentiful. But while the opportunities afforded by the sector can do much to foster growth and innovation among technology-centred organisations, the accompanying risks are complex and challenging.

The tech sector risk landscape

In its ‘Trends in Technology Risk 2024’ report, Grant Thornton highlights key technology risks that should be on every technology leader’s radar, as outlined below.

First, cyber security continues to be a critical business risk for UK and international organisations. In the UK, for example, government research indicates that 69 percent of large businesses suffered a breach or attack over the past 12 months.

Second, to manage risks around service continuity, information privacy and security, organisations need to have an effective framework of controls in place around third parties. Outsourcing responsibility for these services, however, does not outsource associated risks.

Third, the risks associated with generative AI (GenAI) are critical now due to its widespread adoption. Concerns include the potential for biased outputs, security vulnerabilities and misuse of generated content for malicious purposes.

Fourth, many organisations are dealing with the challenge of legacy IT, longstanding or out of date infrastructure or applications that are still in use. This prevents the modernisation of working practices and exposes organisations to availability risks and cyber security vulnerabilities.

Fifth, the use of cloud solutions has increased rapidly in recent years. Organisations face challenges around cloud controls and assurance, inconsistent approaches across assurance teams, cloud concentration risks and lock-in with vendors.

Sixth, risks posed by the adoption of development and operations (DevOps) include insecure configurations and tooling, misalignment of software with business or customer requirements, insufficient documentation and difficulty in meeting regulatory compliance requirements.

Apr-Jun 2025 issue

Fraser Tennant