As we look ahead to a year of continued uncertainty, organizations across MENA face a multitude of social, economic, and health-related threats. Building resilience ahead of the curve is a fundamental social, economic and business-continuity imperative.
Yet research shows that a great many MENA organizations are operationally and psychologically ill-prepared for the risks - and the opportunities - that lie ahead. Those risks include climate change, cybercrime and ‘people risk’, of which climate change is arguably the greatest.
Climate risk
Despite its well-known threat to social, economic, and environmental sustainability, the climate crisis offers opportunities for regional growth. With COP27 in Egypt and COP28 scheduled for the UAE, we have a historic opportunity to showcase our commitments to climate change mitigation and sustainability.
The good news is that policymakers across the region have stepped up as global leaders on climate change, net zero and the energy transition. Net zero commitments have been made by the governments of Bahrain, Kuwait, Oman, Saudi Arabia and the UAE, while state-backed oil and gas companies like Saudi Aramco, Qatar Energy, and the UAE’s ADNOC have committed to reducing their greenhouse gas emissions and reliance on carbon-intensive production.
These represent a cohesive regional understanding that the energy transition is necessary, real, and economically viable. Right across the energy sector, new value chains are emerging in areas like carbon capture, blue hydrogen, fuel cell technologies and electric mobility.
Combined, these represent significant opportunities for regional growth and the realization of new supply chains with multiplier effects on economic development, job creation and economic resilience. Taking advantage of the opportunities inherent within such risks is as important for economic growth as it is for risk mitigation – they are two sides of the same coin.
Yet research shows that the majority of organizations in MENA are ill-prepared to mitigate risk and (subsequently) unprepared to take advantage of the opportunities. When it comes to building resilience against future shocks, there is a concerning lack of readiness – particularly with the threat of cybercrime.
Cyber resilience
Indeed, findings in the new Middle East & Africa State of Cyber Resilience report from Marsh and Microsoft suggests that the dearth of operational and psychological readiness should be a cause for concern. It shows that, after questioning over 660 regional and global cyber risk decision makers, only 4 per cent of Middle East and Africa respondents are ‘highly confident’ in their organizations current risk management program.
The report also shows that the majority of organizations are still struggling to understand the risks posed by their vendors and digital supply chains as part of their cybersecurity strategies, with 60 per cent of respondents stated that they have not conducted a risk assessment of their vendors or supply chains.
These statistics make it clear that the vast majority of businesses in the region have significant work to do in advancing their cybersecurity capabilities.
People risks
People risk refers to a range of issues that threaten the productivity, safety, security, and sustainability of a workforce. According to the Mercer Marsh ‘Benefits MEA People Risk Report’, the region faces its own unique ‘people risk’ challenges – including cybersecurity and data privacy. Sadly, a scarcity of skilled resources makes it harder for businesses to understand and manage cybersecurity risks – pointing toward an enduring digital talent gap. Companies also face risks attached to catastrophic personal life events, communicable health conditions, and financial probity.
Holistic resilience strategies
A first crucial step towards building resilience is to develop a comprehensive risk management approach that incorporates risk management at a much deeper, operational, structural and strategic level. This means moving away from purchasing means-to-an-end insurance products, towards a holistic approach based on an understanding of each organisation’s unique industry, strategy and operating mode as well as risks trends and enabling solutions.
For the insurance and risk management industry, this means developing pertinent data pools and bringing together local knowledge and worldwide trends and insights, to help businesses to develop resilience against local, regional, and global emerging threats.
As with cybercrime and climate change, tackling people risk requires expert consultancy that makes it possible for companies to appreciate the severity and nature of people risk that they face.
Using data, market understanding and modelling strategies, businesses gain the ability to build resilience strategies that accurately reflect their unique circumstances, leaving them well-placed to survive future shocks – and take advantage of the many opportunities that present themselves in an ever-changing world.