I recently had the pleasure of sitting down with Brian Allen, a seasoned leader and the author of several books on Enterprise Security Risk Management (ESRM), where we discussed the profound changes driven by AI and digitalization that are transforming industries and the role of leadership itself. Brian shared the insightful sentiment that “this moment feels different because it is different”. This comment set the tone for our discussion, sparking thoughts on how leaders can best prepare for and navigate the challenges and opportunities of this new era.
Noelle: The pace of digital transformation, especially with AI, has been extraordinary. Does this feel different to you, and how does it affect the way you approach your role?
Brian: It absolutely feels different — and it is different. We’re in the Fourth Industrial Revolution, and it’s moving incredibly fast. AI has disrupted industries in ways that took the third revolution decades to achieve. This isn’t just another trend; it’s a fundamental shift. For executives, it’s no longer about incremental change, it’s about adapting to a wave of transformation that’s already happening. We need to be prepared to do things differently and to think about management and strategy in new ways because this moment demands it. In particular, risk management practices need to mature and interact with business at a different speed.
Noelle: Managing this kind of change must require a clear balance of risk and opportunity. How do you ensure that balance drives your strategy?
Brian: That’s exactly right. It’s about finding that balance and making it actionable. Risk management isn’t just compliance, it’s a living, breathing part of the business now. You can’t simply have quarterly meetings where risk is reviewed and then analyzed. With digitalization and AI, the environment changes constantly. The models evolve, the use cases evolve, and so does the risk and opportunity. So, you need a strategy that’s agile enough to keep up with those shifts. It needs to go deep into the organization, where everyone understands their role in managing this balance, not just the C-suite. Every department should feel accountable, and that requires a new level of transparency and communication.
Noelle: How do you ensure people are informed and feel comfortable escalating issues when risks fall outside established boundaries?
Brian: It starts with building an environment where people understand that escalation isn’t a sign of failure but an integral part of the business process. There needs to be a structured approach so that individuals feel comfortable speaking up. Take AI, for example — an end user might notice something unusual in a model’s behavior. Rather than overlooking it, they need to know they can raise that issue, and that the organization has a way to assess whether it’s an opportunity or a risk. It’s about having a well-understood process that makes escalation feel like second nature.
Noelle: With such rapid changes, do you think there’s a need for a dedicated risk practitioner or a Chief Risk Officer (CRO) to manage this process?
Brian: Yes, they are essential in today’s landscape as their role is much more than monitoring. They are responsible for setting the right tone and structure for risk management across the business. They help define risk tolerance, ensure transparency, and challenge the strategy where needed. It’s a role that sits at the intersection of risk and strategy and works to make sure the business remains aligned with its goals while managing emerging risks effectively.
Noelle: What are some key elements needed to build this kind of resilient, risk-informed process?
Brian: At its core, it’s about establishing a process that’s transparent, adaptable, and ingrained in the company’s culture. It’s no longer just about “checking the box” for compliance. The process has to define clear risk-reward tolerances and include communication and training to ensure each department understands its role. Leadership needs to set this expectation, and it needs to be programmatic — repeatable, trusted, and part of the decision-making process at every level. In digitalization, speed is important, but so is control. We can move fast, but it has to be with control and awareness, which requires commitment from the top down.
With the right leadership, forward-thinking perspective, and a tech-savvy team, companies can position themselves as frontrunners in today’s fast-paced digital landscape. Whether you’re seeking an executive to lead your technology initiatives or looking to strengthen your team’s expertise in digital transformation, I’d love to connect.
Noelle Swan
Managing Director, McDermott + Bull Executive Search
nswan@mbexec.com
Noelle serves as a Managing Director at McDermott + Bull and is part of the firm’s Technology Practice, based in New York, NY. She has over 20 years of experience in the talent acquisition industry, finding the right candidates to support her client’s needs for skill, experience, and culture fit. Her expertise spans across the broad spectrum of technology, with specific emphasis on information, communication and technology (ICT), networking, and cybersecurity.