Latest news with #businessrisk
Forbes
12 hours ago
- Business
- Forbes
Why AI Is Your Biggest Business Opportunity—And Risk
Steve Wilson, Chief AI and Product Officer, Exabeam. Cybersecurity often operates within a bubble, assuming that business leaders are fully conversant with emerging technologies like artificial intelligence (AI). The reality? AI is reshaping every facet of business, and its implications stretch far beyond security. Although McKinsey researchers report that 78% of organizations now use AI in at least one business function, a significant jump from 72% in early 2024, many executives' exposure to AI regrettably begins and ends with large language models (LLMs). This leaves them unaware of vital areas such as AI-powered threat detection, the complexities of autonomous systems and the strategic implications of adversarial machine learning. That's not just a blind spot, it's a business risk. AI is now both your biggest opportunity and your biggest threat. The Art Of Knowing What You Don't Know AI is now embedded everywhere, boosting efficiency. But this integration unleashes unintended consequences: flawed automation, biased outputs, compliance pitfalls and reputational damage. These aren't technical glitches; they're fundamental business risks that hammer trust and resilience. Leaders don't need to be security experts, but they must grasp the AI agenda. This means dictating AI's governance, deployment and risk management enterprise-wide. It also means having the self-awareness to ask the right questions and the right people. Assuming everyone "just gets it" widens the critical gap between security pros and executive leadership. The real danger isn't misunderstanding; it's the profound business implications that follow. Without clear, business-aligned AI risk communication, companies underinvest, stall decisions and create a false sense of security at the top. The Results Speak Loudly The tangible benefits of AI are already underway, and the results speak for themselves. For example, in a 2025 Exabeam study, 56% of security teams reported that AI has boosted productivity by streamlining tasks, automating routine processes and accelerating response times. These undeniable gains demonstrate the real business value of AI when implemented responsibly and with clear oversight. But the stakes are rising. In a May 2025 Senate testimony, OpenAI CEO Sam Altman called for an AI regulatory sandbox to encourage innovation while avoiding fragmented overregulation. His message was clear: This isn't just tech. AI is now a geopolitical, economic and competitive force. Leaders who aren't actively engaged will miss the opportunity. From Soundbites To Substance It isn't enough to simply name-drop AI on earnings calls. True leadership means showing, not just saying, how AI aligns with business outcomes like growth and resilience. Every company, not just tech vendors, must step up. That starts with the following actions: • Establish AI governance at the C-suite level. AI is a cross-functional strategic priority, not just an IT or security task. A C-suite team, including legal, risk and operations, must align AI initiatives with business goals, prioritize investments and manage enterprise-wide risks and rewards. • Treat AI as a strategic asset, not just a tool. To secure executive buy-in, frame AI risks by their business impact: reputational damage, fines, market loss or eroded trust. This helps ensure leaders see AI as a critical business issue, demanding their proactive management, not just a technical one. • Champion smart AI regulation and industry collaboration. Engage with policymakers, regulators and industry groups to advocate for balanced AI regulations that prevent overregulation at the state level while fostering innovation. As OpenAI's Altman testified, creating a framework for AI adoption is crucial. This collaborative approach can help shape a sustainable AI ecosystem, ensuring that regulations support growth while addressing security and ethical concerns. • Invest in AI resilience, transparency and accountability. Prioritize building effective, transparent and auditable AI systems. This mitigates risks like bias and compliance failures, helping ensure long-term trust, quick issue correction and leadership in responsible AI. Your AI Strategy Can't Be Siloed Too often, AI sits with technical teams, disconnected from core business strategy. That's a governance failure. AI must be embedded across strategic planning, risk management and product development, with clear ownership from the start. Meanwhile, the market is awash with new AI products and bold promises. CISOs and tech leaders must become simplifiers and skeptics, cutting through the hype to vet solutions based on real value, not just marketing tropes. Generative AI brings innovation but risks repeating past cycles of overpromising. Disciplined due diligence is essential. Ultimately, AI is a catalyst for growth. The smartest leaders aren't chasing every trend—they're investing in the right people, like data scientists and prompt engineers. Because in this complex era, the real edge is clarity. Bold leadership means aligning your teams, tech and strategy to unlock value while keeping risk in check. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Japan Times
15 hours ago
- Business
- Japan Times
GTN takes a chance on newcomers to Japan
Hiroyuki Goto ventured into what appeared to be a high-risk business nearly two decades ago when, at the age of 28, he started providing rent guarantees for foreign nationals living in Japan. 'Everyone around me strongly advised me not to do it and tried to stop me. They thought I was a bit crazy,' said Goto, who founded Global Trust Networks (GTN) in 2006. Goto was somewhat optimistic because of personal experience. When he was a student at Chuo University, he was hanging out with a number of foreign exchange students, and even established a startup with some of them. Goto ended up co-signing leases for around 20 non-Japanese people, including some friends and friends of friends he had never met. 'Luckily, not a single one of them caused me any trouble," Goto recalls. "That experience made me think that this would work.' Getting a lease guaranteed in Japan can be difficult, especially for newcomers. Traditionally, a Japanese citizen, permanent resident or other person well-established in the country had to agree to be the guarantor. In recent years, commercial solutions have become more common, so that there's no need to find an individual to co-sign. A company will do it for a fee — normally an upfront charge and then a monthly charge calculated as a percentage of the total rent. These companies are not always willing to take a chance and co-sign a lease for a non-Japanese tenet. On paper, foreigners tend to be risky from a credit analysis point of view. They normally have sparse credit histories and few assets in Japan, and they are statistically more likely to leave the country at some point. Goto's experience suggested that the actual risk of backing a foreign resident might not be unusually high, and he thought that renting a place should not be an obstacle for people coming to Japan. More broadly, he felt it was inevitable that the country would have to accept more foreign workers due to depopulation. So, he started GTN. The number of foreign workers in Japan topped 2.3 million last year, a fourfold increase in 15 years, while GTN's sales have grown 11-fold over the past decade. The company has never had a down year since its founding, according to Goto, who is the CEO and remains the largest shareholder of the company. Even during the pandemic, GTN managed to maintain sales, as the business model is mainly based on recurring revenue, Goto said. One key to success is developing the know-how to control risks so that payments are made on time and tenants remain in good standing. 'We invest significant resources and money into providing support for foreign residents to make sure that they adapt to Japanese customs and successfully settle in,' he said. Closely communicating with each client and offering appropriate help to solve problems, being more than just a guarantor, lowers risk of delay or default, Goto added. GTN has expanded significantly since its founding. In 2014, the company established a staffing business for foreign workers. The following year, it started offering mobile phone services. In 2017, GTN rolled out a credit card for non-Japanese residents in Japan. GTN announced in July a capital tie-up with Nippon Life Insurance, Japan's largest life insurer, to strengthen its financial and insurance business. Ikebukuro-headquartered GTN now has 10 locations in Japan, including a sales outlet at Haneda Airport. It has also established itself overseas, with three locations in Vietnam and one each in South Korea and Mongolia. With Japan still facing severe labor shortages and expected to rely more on foreign workers, Goto feels the roles that GTN plays to connect foreigners to Japanese society will be more crucial. Signs of increasing anti-foreign sentiment emerged in the Upper House election in July. Sanseito, a right-wing populist party, gained seats with a 'Japanese First' platform. 'I'd expected the topic of foreign nationals would be brought to the table at some point, but it's a bit surprising how abruptly it has surfaced in the current political climate,' Goto said. While policies concerning foreign nationals are drawing attention, Goto said accepting foreign capital and foreign labor is essential for the Japanese economy, especially when it comes to achieving economic growth in areas outside the main cities. Claims of problems related to foreign residents — such as garbage not properly sorted and unlicensed lodging establishments being operated — have been widely reported, but Goto believes this represents an opportunity. 'Instead of saying 'let's stop accepting foreign nationals because these problems happen,' we believe it's really important to work together with the government and local municipalities to solve these problems,' he said. Taiwan Semiconductor Manufacturing Company has been building factories in Kumamoto Prefecture, and GTN opened an office there last year. 'Everyone basically welcomes foreign investments that energize the local economy,' he noted.
Wall Street Journal
6 days ago
- Business
- Wall Street Journal
China's No-Exit Plan for Foreigners
Chinese President Xi Jinping has been eager to lure American companies to invest in China, but you wouldn't know it from Beijing's latest actions. China is preventing American citizens, including a Commerce Department employee and a Wells Fargo banker, from leaving the country. The detentions, known as 'exit bans,' highlight the continuing risk to American companies of doing business in China. The State Department says it is working to get them released and that it has 'no higher priority than the safety and security of American citizens.' But the Chinese bans have ensnared dozens of foreigners over the years, often with little recourse.
Zawya
21-07-2025
- Business
- Zawya
Most organizations miss business context when assessing cyber risk, finds new research from Qualys
According to new research commissioned by Qualys and conducted by Dark Reading, despite rising investments, evolving frameworks, and more vocal boardroom interest, most organizations remain immature in their risk management programs. Nearly half of organizations (49%) surveyed for Qualys' 2025 State of Cyber-risk Assessment report, today have a formal business-focused cybersecurity risk management program. However, just 18% of organizations use integrated risk scenarios that focus on business-impacting processes, showing how investments manage the likelihood and impact of risk quantitatively, including risk transfer to insurance. This is a key deficiency, as business stakeholders expect the CISO to focus on business risk. Key findings from the research include: Formal Risk Programs are Expanding, But Business Context is Still Missing 49% of surveyed organizations report having a formal cyber risk program in place which looks like a promising statistic on the surface. But dig deeper, and the data shows otherwise: Business Alignment Gaps: Only 30% report that their risk management programs are prioritized based on business objectives Recent Implementations: 43% of existing programs have been in place for less than two years, indicating a nascent stage of maturity Future Plans: An additional 19% are still in the planning phase More Investment ≠ Less Risk: Why the Cyber ROI isn't Adding Up Cybersecurity spending has continued to grow. Yet one of the most revealing insights from the study is that a vast majority (71%) of organizations believe that their cyber risk levels are rising or holding steady. 51% say their overall cyber risk exposure is increasing 20% say it remains unchanged Only 6% have seen risk levels decrease The Missing Metric: Business Relevance in Asset Intelligence Visibility in cyber risk management is about a principle that hasn't changed in 20 years: you can't protect what you can't see. Yet even in 2025, asset visibility remains one of the biggest blind spots: 83% of organizations perform regular asset inventories, but only 13% can do so continuously 47% still rely on manual processes 41% say incomplete asset inventories are among their top barriers to managing cyber risk Risk Prioritization Needs to be a Business Conversation, Not a Technical One Another illusion that persists is the idea that all risks can and should be patched. The longstanding practice of prioritizing vulnerabilities based solely on severity is no longer sufficient. The industry looks to be grasping the fact that risk prioritization needs to go beyond single scoring methods like CVSS alone, with 68% of respondents using integrated risk scoring combining threat intelligence or using cyber risk quantification with forecasted loss estimates to prioritize risk mitigation actions. However, these next data points show that the industry still has some way to go: Nearly one in five (19%) of organizations continue to rank vulnerabilities using a single score like CVSS alone Just 18% update asset risk profiles monthly Reporting Risk in Business Terms, Not Security Jargon Executives do not want to hear how many vulnerabilities have been patched. They want to understand what the organization stands to lose, and what's being done to protect it. Yet the study finds that while 90% of organizations report cyber-risk findings to the board: Only 18% use integrated risk scenarios Just 14% tie risk reports to financial quantification Business stakeholders are only involved less than half the time (43%) And only 22% include finance teams in cyber risk discussions 'The key takeaway from the research isn't just that cyber risk is rising. It's that current methods are not effectively reducing that risk by prioritizing the actions that would make the greatest impact to risk reduction, tailored to the business. Every business is unique; hence, each risk profile and risk management program should also look unique to the organization. Static assessments, siloed telemetry, and CVSS-based prioritization have reached their limit,' commented Mayuresh Ektare, Vice President, Product Management, Enterprise TruRisk Management, Qualys. 'To address this, forward-leaning teams are adopting a Risk Operations Center (ROC) model: a technical framework that continuously correlates vulnerability data, asset context, and threat exposure under a single operational view. The ROC model provides a proven path forward for organizations ready to manage cyber risk the way the business understands it and expects it to be managed,' Ektare continued. Below are some recommendations to help businesses better align cybersecurity risk with business priorities: Business risk is all about context. In order to have a good understanding of organizational risk, a business first needs to understand what their business-critical assets are, then understand their risk factors or threats as it relates to those crown jewel assets. Without this context, vulnerabilities or threats are just information. If everything is critical, nothing is. Prioritizing risks is paramount as organizations do not have unlimited resources. In order to be capitally efficient, companies need to spend as little as possible to avoid the largest possible amount of risk. Whatever is not mitigated through technology represents risk that needs to be accepted, or transferred to cyber insurance. To get a good read of the cyber-risks across the enterprise, organizations need a diverse telemetry of risk signals. Organizations can't rely on just one — such as scanning for vulnerabilities — instead, companies need visibility into their application security, identity security stack, and more, every part of the enterprise that is exposing your attack surface. Instead of focusing on reactive incident response — for example with a SIEM or a SOC — organizations need a better system that proactively looks to predict risks and works to reduce the likelihood of an event happening by implementing a Risk Operations Center (ROC). This approach to risk management helps leaders make better, more informed decisions based on their unique business context. Organizations need to overhaul the way they are communicating cyber-risk to the board. Integrated risk scenarios that focus on business-impacting processes, such as how investments and insurance impact risk, will be the future of 'business-oriented' risk reporting, and much more effective at the purpose of communicating to board members.
Reuters
17-07-2025
- Business
- Reuters
Wells Fargo suspends China travel after employee exit ban, source says
July 17 (Reuters) - Wells Fargo (WFC.N), opens new tab has suspended all travel to China after a banker was blocked from leaving the country, a person familiar with the matter told Reuters on Thursday. The U.S. banking giant's Chenyue Mao was subjected to an exit ban after she entered China in recent weeks, the Wall Street Journal reported, citing people familiar with the matter. "We are closely tracking this situation and working through the appropriate channels so our employee can return to the United States as soon as possible," Wells Fargo said in a statement emailed to Reuters. The ban could worsen concerns among multinational companies about the risks of doing business in China, particularly around employee safety and freedom of movement. The incident could also chill corporate travel to the country and complicate relations between the world's two biggest economies. Broader U.S.-China relations remain tense, shaped by deepening strategic, economic, and geopolitical rivalries. Mao was born in Shanghai and is based in Atlanta, according to a June 2025 release from FCI, where she serves as chairwoman. FCI, formerly named Factors Chain International, is a global network of companies that do business in the factoring and financing of trade receivables. Before her election as FCI chair in June, Mao served as vice chair of the body. The industry body did not immediately respond to a Reuters request for comment on the matter. Mao is a U.S. citizen, the source said. She has been a banker at Wells Fargo for over a decade, according to her LinkedIn profile. She currently serves as a managing director at the lender and spearheads its international factoring business, as well as advising multinational clients on cross-border working-capital strategies. Factoring is a financing method where companies sell their receivables to third parties, such as banks, in exchange for immediate cash. The third party, known as the factor, profits by purchasing the receivables at a discount and collecting the full amount later. The Wall Street Journal reported that it could not be determined precisely when Mao entered China, or what prompted the travel restriction. She has worked and interacted with Chinese companies and industry groups on trade financing and international factoring matters, the Journal reported, adding that she also sometimes traveled to China for business. Beijing has increasingly used exit bans on both Chinese and foreign nationals, often in connection with civil disputes, regulatory investigations or criminal probes. Many affected individuals are unaware of the restrictions until they attempt to leave the country. Mao did not immediately respond to a Reuters request for comment on LinkedIn. The White House and China's foreign ministry did not immediately respond to requests for comment. In September 2023, authorities in China ordered a senior Nomura banker overseeing the firm's investment banking operations there not to leave the mainland. Some companies have canceled or delayed trips to China in recent years, while others have introduced safeguards such as advising staff to enter the country in groups rather than alone. Human-rights groups say, opens new tab China is using exit bans more frequently, often targeting individuals under investigation or those asked to cooperate with government inquiries.
