03/08/2012 03:32 pm ET Updated May 08, 2012

Risky Business

A century ago, when women were still fighting for the right to vote in the UK it would be unfathomable that in 2012 Britain would be celebrating award nominations for a film focused on the life of Britain's first female Prime Minister. Similarly, when Martin Luther King was assassinated in 1968, members of the civil rights movement would have found it hard to believe that less than 50 years later the U.S. would elect an African American man as President. On a very different front, just 10 years ago consumers around the world were buying DVDs to replace our obsolete VHS collection -- today we are buying Blu-ray discs to replace our fast-becoming obsolete DVD collection. It's amazing just how quickly cultural and technological advances are changing the world around us.

As with all changes, though there are benefits, there are risks. The very real consequences of failing to keep up with the changing world include security breaches, reputation damage, regulatory fines, and even falling foul of the law.

Adapting to the changing world may seem daunting given the speed at which technology is changing, but it is essential.

Through our network of audit directors, CEB has identified at least two technology-based key 'hot spots' for businesses that were not top of mind for companies last year, demonstrating the speed at which the world, and global business, is evolving and reinforcing the importance of awareness and adaption.

1. Information Security

Recent security breaches have included high-profile names such as Nasdaq, where Directors Desk, a web-based system, was targeted, and The Sun newspaper which was hacked to show a fake report of Rupert Murdoch's death. In addition, the Scotland Yard and the FBI have been victims of the Anonymous hacking group. If these organizations have succumbed to hackers, businesses really cannot be too careful in their approaches to information security.

With the EU-wide proposed data protection legislation including fines of up to €1 million, business leaders should undertake a comprehensive review of what data requires encryption, paying particular attention to information sent or stored using cloud technology. In addition to fines, companies should also be mindful of the very real risk of damage to their reputations.

This is not just about customer data, important though it is. It is also about protecting your data. Imagine you have a new product idea. You have invested time, money and effort in this idea, and a lack of adequate information security means someone else has access to your data, swoops in and beats you to the punch. You get left behind while your competitor flourishes. Of course there are all sorts of legal angles to pursue, but they require a considerable commitment of time and money.

2. Social Media

A related concern is the increase in social media. More than 70 percent of companies are already using social media tools and most plan on increasing their spend in this area. Some companies use social media as a way to interact with consumers, get immediate feedback and monitor consumer conversations about their company, their products and their rivals.

In fact, one of our surveys showed that the leading 11 percent of brands have seen positive business results by using social media. However, in order to ensure effective risk management, businesses need to have protocols in place.

For example, in the financial services industry, our research shows that among holders of bank products worldwide, more than two-thirds use social media and nearly 30 percent are using social media to communicate and learn about banking-related issues. And there are more opportunities available, while 70 percent of individuals with greater than $5 million in investable assets use social media, only 40 percent of large wealth management firms have an active presence in this space.

Internally, companies are using social media sites such as Yammer and SharePoint to drive collaboration and foster an innovative culture. Our research tells us that 94 percent of businesses indicate that they are currently pursuing a collaborative initiative to drive productivity and performance.

With such open, dynamic and informal channels, one of the biggest inherent risks is that of breaching security protocols. A lack of understanding among employees about what they could, should, and absolutely should not share can lead to exposure of confidential information to anyone working across an organisational supply chain.

Businesses need to communicate a simple, effective policy of 'do's' and 'don'ts' when communicating via social networking sites. Employees must be fully aware not only that they are responsible for their actions, but also are responsible for the consequences of their actions. While it seems like these types of actions have been preached for years, companies continue to face significant risk in this area and many still do not have basic protocols in place.

Substantial advantages can be gained from this rapid pace of change, but executives cannot afford let their guard down. Information security issues and the risks presented due to social media have been and will continue to be areas of vulnerability for years to come. However, rather than avoid new technology in order to protect themselves from risk, executives should do all they can to protect the organization and then embrace the exciting possibilities these technological advances present.