Helen Sharpless-Willis
Darwin Commercial Leader, MMB Multinational, Mercer Marsh Benefits
-
United Kingdom
Embracing technological innovations is one of the greatest opportunities for organisations today. From artificial intelligence to natural language processing, the possibilities for new products, ways of working and delivery channels are endless.
However, such disruptions also create significant risks for businesses when not managed correctly. These risks range from cybersecurity threats and mismanagement of data to skills shortages and job cuts.
Worryingly, our People Risk research suggests there’s a blind spot when it comes to how HR and risk managers are considering these threats.1 Artificial intelligence was ranked just 18th out of 25 people-related risks facing businesses, despite 50% of senior leaders predicting this technology would fundamentally change their business models.
This disconnect between senior leaders’ views and HR/risk managers’ view is a significant concern, since there is strong evidence that workforce skills aren’t keeping pace with technological advances.2 In fact, 56% of survey respondents say they believe technology skills shortages could have a catastrophic or high impact on their organisations.
Without the right employees and the right knowledge, businesses may not be able to capitalise on the opportunities ahead of them. Firms that fail to prepare will fall behind their competitors.
Another key threat is the inability to retain employees, particularly younger generations. Companies that make good use of automation to strip out repetitive and time-consuming tasks are often seen as attractive employers, as are those that invest in their workforces, giving employees access to the latest technologies and providing training on how to use them.
Failure to attract, retain and motivate top talent can be catastrophic for business success. Benefits structure and design are important here because they’re crucial in becoming an employer of choice as is having the right solutions in place to attract highly competitive skills — particularly in AI.3
Of course, that doesn’t mean running ahead full tilt and embracing AI without thoughtful consideration as this also creates risks. For instance, more than one-third of risk and HR managers in our survey say they’re concerned about employees’ overreliance on and complete trust in unverified AI-generated content.4
This is a serious concern. Putting out content that is, at best, unchecked and, at worst, misleading or incorrect could have a serious impact on stakeholder trust. Further, there is strong evidence that poorly managed AI solutions pose legal, reputational and data management risks. 5, 6, 7
Another challenge is the multigenerational workforce and how different cohorts engage with technology. While younger generations will already be using generative AI in other areas of their lives and will expect access at work, for others, these advancements can be daunting. The prevalence of stories in the media about worries over people’s jobs being replaced by technology, especially AI, compounds the problem.8 For those employees who have concerns, technological onboarding will need to be strategic, unrushed and well communicated. Engagement with the whole workforce from the outset is therefore crucial.
Ultimately, to tackle these threats, risk managers will benefit from collaborating with leaders across the organisation to pinpoint the risks and opportunities inherent in technological innovations. This means building a digital-first people strategy, encouraging safe adoption of AI and engaging with multiple functions, including business, technology and compliance.9
The elephant in the room is cybersecurity. Technological advances are crucial in protecting organisations against hackers, but they also increase the likelihood of cyberattacks. There have already been cases of criminals using AI to improve phishing attacks and ultimately extort money from businesses.10 At the same time, work-from-home measures and increasing use of personal mobile phones to access work emails are exacerbating the problem. Against this backdrop, the question to ask is not whether your organisation will be hacked but when.
Protecting businesses from these threats requires the collective power of the workforce. But technology skills shortages and a lack of cybersecurity knowledge are top people risk concerns.11
To tackle these issues, businesses should urgently upskill employees while also breaking down silos. User error and employee mistakes are still among the top causes of breaches, and this requires that HR, the risk function and IT work closely together. Good cyber hygiene should start from the moment new employees are onboarded and should be reinforced regularly as new best practices come to light. Tone should be set from the top, and training needs to be a priority.
Cyber insurance is a crucial part of the puzzle, but given capacity constraints in the market, businesses should first focus on reducing the risks of a successful attack.
This means investing in pre- and post-breach incident management and crisis support to mitigate the effects of a cyber incident and using risk-based economic modelling and quantification tools to inform cyber resilience strategy decisions. It also requires adopting technologies, processes, and measures to prepare for and mitigate cyber risks and ensure confidentiality, integrity and availability of information. Only once this is achieved can you seek to transfer the remaining risks through insurance solutions.
1 Mercer Marsh Benefits. People Risk 2024, available at https://www.marsh.com/en/risks/people-risk/insights/the-five-pillars-of-people-risk.html
2 Mercer Marsh Benefits. People Risk 2024.
3 Mercer Marsh Benefits. People Risk 2024.
4 Mercer Marsh Benefits. People Risk 2024.
5 Oliver Wyman Forum. How Generative AI Is Transforming Business and Society, 2024, available at https://www.oliverwymanforum.com/content/dam/oliver-wyman/ow-forum/gcs/2023/AI-Report-2024-Davos.pdf.
6 Kim J and Eskins G. “Generative AI: Understanding the Risks and Opportunities,” July 25, 2023, available at https://www.marsh.com/en/services/cyber-risk/insights/generative-ai-understanding-the-risks-and-opportunities.html.
7 Federal Bureau of Investigation. “FBI Warns of Increasing Threat of Cyber Criminals Utilising Artificial Intelligence,” May 8, 2024, available at https://www.fbi.gov/contact-us/field-offices/sanfrancisco/news/fbi-warns-of-increasing-threat-of-cyber-criminals-utilizing-artificial-intelligence.
8 Egan M. “AI Is Replacing Human Tasks Faster Than You Think,” CNN, June 20, 2024, available at https://www.cnn.com/2024/06/20/business/ai-jobs-workers-replacing/index.html.
9 Mercer Marsh Benefits. People Risk 2024.
10 Chen H and Magramo K. “Finance Worker Pays Out $25 Million After Video Call With Deepfake ‘Chief Financial Officer’,” CNN, February 4, 2024, available at https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html.
11 Mercer Marsh Benefits. People Risk 2024.
Darwin Commercial Leader, MMB Multinational, Mercer Marsh Benefits
United Kingdom
Digital Health Solutions Leader Asia, Mercer Marsh Benefits
India
Expertise
07/11/2024