A new digital report, a whitepaper from professional services firm Aon plc says there are four megatrends driving increased volatility and complexity for their clients – trade, weather, technology and the workforce. All are examined in the firm’s recently published 2024 Client Trends Report: Better Decisions in Trade, Technology, Weather and Workforce.

They say the megatrends are all interrelated and require new strategies to address the enterprise-wide risks they introduce. “Organizations face challenges and complexities on a scale rarely seen before,” the report states. “These four megatrends are highly interrelated. Because of this, our clients recognize they cannot afford to consider them in isolation.” 

New vulnerabilities 

The report looks at technological change, saying the rapid pace of change is expanding attack surfaces for threat actors and exposing new vulnerabilities. They add that artificial intelligence (AI) has the potential to considerably accelerate an organization’s growth and development, but, they add, “leaders need to also be aware of the severity and pace of risks associated with its use.” 

The report advocates for processes, governance and training. It looks at third-party risk assessment, discusses climate obligations and regulator requirements (the report provides a list of climate regulations and what each require from stakeholders), and discusses weather and climate’s impact on the workforce. It also examines public private partnerships briefly. 

Cyber security culture 

And while boards may still debate whether they should involve cyber experts, the report warns that a talent shortage could further compound challenges. “There are no quick fixes that can change a cyber security culture. As such, programs often fail early due to lack of short-term progress. Changing human behaviour is difficult and doesn’t happen quickly. This challenge requires a lot of reinforcement investment and follow-through,” they state. “Both the curriculum and delivery of cyber training will need to increase employee knowledge and sophistication regarding cyber risks each year, rather than treat cyber security training as a one-and-done exercise.”