Technology updates - Issue 1/2025

Innovation and technology are one of the drivers for organisation growth and enhancing competitiveness of different industries. This ‘Technology Updates’ includes the latest updates on cybersecurity, emerging technology & data privacy for your reference:

 

Global Privacy & Data Protection eBook 2025 

In 2025, global privacy and data protection are being reshaped by key trends. Data sovereignty is increasing, with countries asserting control over data within their borders, leading to localized regulations that challenge multinational organizations. Ethical considerations in data processing, especially with AI and machine learning, are gaining attention, prompting calls for fairness and transparency.

Privacy by design is becoming more prominent, advocating for integrating privacy into technology development from the start to protect personal information and mitigate risks. Decentralized technologies like blockchain and cryptocurrency offer both opportunities and challenges, requiring nuanced regulatory frameworks.

In marketing technology, there is a push for ethical handling of consumer data, with regulations demanding clear consent and robust protection measures. Cross-border data transfers remain crucial, with mechanisms like Standard Contractual Clauses (SCCs) and Binding Corporate Rules (BCRs) ensuring secure exchanges while maintaining privacy standards.

Privacy is a fundamental right that demands rigorous protection and harmonization.

Read more from the source:
https://www.bdo.global/en-gb/insights/advisory/ras/global-privacy-data-protection-ebook

 

Staying with GL20 Cyber Resilience Assessment Framework for the Authorised Insurers in Hong Kong

To stay current with the evolving cyber threat landscape, the Insurance Authority (IA) has conducted a comprehensive review of the Guideline on Cybersecurity (GL20). As a result, the IA proposes the Cyber Resilience Assessment Framework (CRAF) and makes the revision of GL20 effective from 1 January 2025.

Under CRAF, authorized insurers are required to conduct an Inherent Risk Assessment (IRA). Based on the IRA rating, these insurers are expected to achieve different levels of cybersecurity maturity and complete the initial assessment within various timeframes. The comparison table is provided below:

The insurers with higher Inherent Risk should complete more tasks within shorter timeframe. Hence, BDO recommends the authorised insurers immediately conducting the IRA based on hard facts in order to establish reasonable assessment schedules. 

Read more from the source:
https://www.ia.org.hk/en/legislative_framework/circulars/reg_matters/files/GL20.pdf
 

Enterprise Risk Management for Today’s Threat Landscape 

In today's complex risk landscape, businesses must adopt a comprehensive approach to Enterprise Risk Management (ERM) that transcends traditional, siloed methods. Historically, organizations treated risks as isolated events, leading to fragmented risk management strategies. This has necessitated a shift towards ERM, which integrates risk management across all departments, fostering collaboration and proactive risk mitigation.

A key aspect of modern ERM is recognizing the interconnected nature of risks. For instance, a cybersecurity breach can have cascading effects on operations, finances, and customer trust. By employing a cross-functional approach, organizations can better assess these interdependencies and develop holistic strategies to manage risks effectively.

Moreover, businesses are encouraged to embrace an antifragile mindset, viewing crises as opportunities for growth rather than mere challenges. This involves cultivating a culture of experimentation and continuous improvement, allowing organizations to emerge stronger from disruptions.

Data plays a crucial role in this transformation. By leveraging advanced analytics and technologies like AI, companies can turn risk data into valuable insights that drive innovation and operational efficiency. 

To ensure the success of ERM programs, organizations must effectively communicate their value to stakeholders, using storytelling to engage and foster buy-in. By aligning ERM with overall business strategy and emphasizing its role in achieving strategic goals, companies can navigate today's volatile environment and turn risks into opportunities for growth.

Read more from the source: https://insights.bdo.com/Enterprise-Risk-Management-for-Today-s-Threat-Landscape.html

 

How can BDO help?

At BDO's Digital Advisory Services, we are more than just a team of experts; we are your dedicated partners in the digital transformation journey. Understanding that every business has unique challenges and ambitions, we dive into the heart of your operations, assessing and aligning technology with your strategic goals. Our expertise spans from deploying AI and enhancing data analytics to bolstering cybersecurity measures and adopting cloud solutions like Oracle NetSuite, tailored to streamline and safeguard your business processes. By focusing on practical, effective strategies, we ensure that technology integration is seamless, adding real value to your operations. 

Our approach is hands-on and grounded in real-world outcomes, making complex digital transitions understandable and manageable. With BDO, you are not just adapting to the digital age; you are thriving in it, powered by solutions that drive growth, efficiency, and innovation, all while keeping your data secure and operations compliant. 

Let us help you navigate the digital landscape with confidence, making technology work for you in the most impactful way.