Focus to remain on the potential and threats caused by AI, but also a large shift towards sustainability  

James Cherry, CTO, Northdoor plc 

2023 has been another year of huge change and challenges for the IT world. The sophisticated threat from cybercriminals has provided a real challenge for companies, as has the increasing pace of tech innovation. However, on the whole, companies have been able to rise to the challenge, begin to implement solutions to protect themselves and realise the benefits of tech innovation. 

However, 2024 is likely to throw new challenges at the sector. Some have already presented substantial opportunities and challenges such as Artificial Intelligence (AI), others will become increasingly important as the months roll on.

Sustainability 

Focusing on the green agenda has been a major focus for companies in 2023. This is likely to increase substantially in 2024. Organisations need to understand how they can baseline, measure and report especially if they wish to do business in Europe. They need to understand how technology can drive business innovation around sustainability and how they can manage the threats and capitalise on the opportunities.

EU sustainability regulations 

The Corporate Sustainability Reporting Directive (CSRD) will set the standard by which nearly 50,000 EU companies will have to report their climate and environmental impact. The EU Commission adopted the directive in November 2022. CSRD will replace and build on the Non-Financial Reporting Directive (NFRD) by introducing more detailed reporting requirements and expanding the number of companies that have to comply. 

The EU believes that consumers and investors deserve to know the sustainability impact of businesses, and CSRD was created because the existing legislation wasn’t comprehensive enough. Even though CSRD is an EU directive, it also applies to companies based abroad that have a presence in the EU. This means that a UK-based company with subsidiaries in the EU has to abide by CSRD. 

CFRD will start to apply in stages between 2024 and 2028. Organisations need to start now on understanding how they will meet CSRD requirements. Taking time now to prepare a robust data and reporting strategy with the help of experienced third-party IT consultants will keep organisations ahead of the curve.

The triple bottom line- profit, people, planet 

Previously, organisations have focused on economic impact, growth and turning a profit. More recently future-thinking business leaders have found that they can use their organisations as a force for good, effecting positive change and driving sustainability without impacting financial performance.  

The “three P’s” of the triple bottom line are: profit, people, and the planet. Organisations can use these categories to determine their environmental responsibilities and identify whether they are having any negative social impacts. By identifying these elements, organisations can then introduce sustainable practices into all areas of their operations, including: supply chains, business partners, suppliers and employees. In turn this positively impacts the local environment, community, education and customers in addition to turning a profit.

Net-Zero and sustainable products 

In order to take their operations to net-zero and reduce climate-risk exposure, organisations are increasingly looking to develop new, sustainable products. To do this, they will need new analytical tools to assess carbon emissions and incorporate climate change into how they quantify risk.  

Working with third-party IT consultants, organisations can devise a strategy to manage financial risks, meet regulatory requirements, implement stress testing, revise Enterprise Risk Management (ERM) frameworks and assess risk appetite which is all associated with sustainable business. Organisations need to also mange product and service innovation to meet the sustainability needs of clients. Again, third-party IT consultants can help with this, going some way to ensure organisations are meeting the expectations of their wider stakeholders.

Generative AI and Governance 

2023 has also seen organisations looking to understand how to utilise and apply governance to generative AI and we expect this to continue into 2024 and beyond. Generative AI will change the AI game by taking assistive technology to a new level, reducing application development time, and bringing powerful capabilities to non-technical users. The benefits of Generative AI include: The ability to use synthetic data to help improve financial models, tackling the advice gap with better, more accurate information, the ability to hyper-personalise products and services to people. For example, in the insurance sector Generative AI can be used to better meeting customer needs and allows insurers to tackle fraud and money laundering more quickly and accurately and at scale. 

However, as Generative AI can produce content autonomously, accountability is essential. With the benefits, comes certain risks involving cyber fraud, cyberattacks and identity fraud increasing in scale, sophistication and effectiveness. This means that as AI is further adopted, the investment in fraud prevention and operational and cyber resilience will have to accelerate at the same time.

Bridging the skills gap 

According to a study by Forbes Advisory, 93% of the 500 businesses surveyed reported that there is a gap in IT skills in the UK jobs market. Significantly, 42% of these businesses say the problem is due to the fast pace of technological advancements. With this in mind, organisations need to look to third-party IT consultants who have the knowledge and expertise to plug this gap and robust cyber resilience and governance across generative AI.

Mature DataOps will be essential 

According to Mckinsey, 90% of companies recognise the value of advanced analytics which has become a top priority across industries over the last ten years. Many have begun to put internal analytics initiatives in the place but struggle to scale them as the initiatives fail to collaborate well with Artificial Intelligence and Machine Learning. 

An organisations’ success depends on harnessing data effectively to accelerate the journey towards AI. A mature DataOps strategy can prove to be a game changer here. Gartner defines DataOps as “a collaborative data management practice focused on improving the communication, integration and automation of data flows between data managers and consumers across an organisation.” 

Organisations can use their mature DataOps strategy as an enablement tool across the whole value chain- from data ingestion through processing, modelling, and customer insights. 

However, implementing a DataOps strategy requires organisations to combine strict governance with the right technologies and upskilling programs. The challenge here is that standardised toolchains and out-of-the-box solutions are often not available and need to be built. Third-party IT consultants have the right data-engineering talent to create and implement these out-of-the-box solutions for organisations that may not know where to start.

Cyber Security in 2024 

As AI increases in sophistication so will sophisticated cyberattacks. This will range from deepfake social engineering attempts to automated malware that adapts in order to evade detection. At the same time, AI will help organisations to detect, evade or neutralise threats using real-time anomaly detection, smart authentication and automated incident response. In fact, IBM Security’s 2023 Cost of a Data Breach study, reported that the most significant single factor in reducing the time to identify and the cost to remediate is AI and automation. UK organisations pay an average of £3.4 million for data breach incidents but that those who use AI and automation spend around £1.6 million less. The implementation and management of AI-powered and automated solutions that give a 360-degree, real-time view of supply chains, can have a real impact on an organisations’ ability to remain secure.

Mitigate risks with AI-powered solutions 

Okta, a company that provides both single- and multi-factor identity tools, suffered a breach that saw the company lose $2 billion from its market valuation. Initially the company said the incident affected a very small number of customers, however it appears the hackers had access to company systems for two weeks before the hack was fully detected. AI-powered and automated solutions that give a 360-degree, real-time view of supply chains can help companies, such as Okta, identify and mitigate risk immediately. With CISO’s facing legal implications or even jail time (as in the case of the former Uber CISO), organisations need to have robust AI-powered measures in place in order to remain cyber resilient.