Business leaders tackle tech obsolescence & regulation risks

Business leaders are facing new challenges as technology obsolescence and regulatory changes pose significant risks to organisational operations.

Bob Wice, Head of Underwriting Management for Cyber & Tech at Beazley, highlighted recent incidents such as a faulty update from CrowdStrike and a ransomware attack on Change Healthcare as key reminders of the vulnerabilities within organisational infrastructures. "High profile outages arising from a faulty update from CrowdStrike and a ransomware attack on Change Healthcare were a stark reminder in 2024 that a single point of failure can cripple organisations and cause major economic damage, whether the outages are malicious or unintentional," he noted.

Wice emphasised that some of the most significant risks in the upcoming year may stem internally if organisations fail to address the dangers posed by technology obsolescence. "While new technologies and capabilities are introduced every day, many companies are still using legacy systems, simply because they still work and replacing them can be costly," Wice said. He pointed out that the lack of basic risk management regarding obsolete technology is increasingly problematic.

Beazley's Risk & Resilience research shows that 27% of business leaders share concerns over technology obsolescence risks, a figure set to rise by 2025. Wice mentioned that the pressure to mitigate these risks will also come from external factors, especially with expected regulatory scrutiny.

He stated, "We expect increased regulatory scrutiny concerning end-of-life and end-of-support software and devices including the Office of Civil Rights in the healthcare sector." He concluded by advising businesses to plan to combat these challenges strategically, stating, "Innovation is moving at a rapid pace, and with innovation comes risk. Businesses must develop a plan to protect themselves against these evolving challenges."

Parallel to technology concerns, Bethany Greenwood, Group Head of Specialty Risks at Beazley, addressed the complications arising from regulatory divergence on a global scale as markets head into 2025. "As the global market experiences increased divergence of regulatory requirements heading into 2025, multinational corporations must be prepared to respond to a diverse set of changes in laws, regulations, and policies implemented by national governments," Greenwood explained.

Greenwood warned that the varying levels of oversight and unpredictable legal shifts could impede operations and inflate costs if businesses are unprepared. As regulatory stances continue to diverge, directors and officers could face substantial liability risks. Beazley's research indicates increased business leaders' concerns over regulation risk, with stated concern growing from 18% to 24% over the past three years.

Greenwood acknowledged the complexity of navigating these regulatory waters, a task made more challenging with differing requirements across markets potentially resulting in legal challenges. She described the scenario as a "damned if you do, damned if you don't" environment, which will require careful management and compliance strategies from corporations.