Learn about the top five emerging risks enterprise assurance leaders may face in 2025 based on Gartner’s most recent Quarterly Emerging Risk Report.
Emerging risks are dynamic, evolving over time as they transition from emerging to established risks within the landscape. Typically, the emerging risk landscape shifts from year to year or quarter to quarter, with the top five risks constantly vying for the top position.
Gartner’s Quarterly Emerging Risk Report for 2024 revealed an intriguing trend: none of the top five emerging risks identified in Q1 2024 remained in the top five by Q4 2024. While some topics showed consistency in concept or evolution in risk areas, the shift over the year is noteworthy. Let’s delve into the top five emerging risks as of Q4 2024 and how they emerged:
IT Vendor Criticality
Defined as the risk of overreliance or unknown reliance on third- or nth-party IT vendors, which leads to operational IT risks like outages or data loss. This risk started 2024 outside the top five but climbed to the top spot by Q4 2024 due to market consolidation and increased vendor concentration.
AI-Enhanced Malicious Code
This risk involves the increased threat of high-impact cyber events from the use of AI for malicious code generation. This risk appears to be an evolution of AI-enhanced malicious attacks, which topped the list in Q1. Advances in AI and AI tools continues to pose a serious threat as bad actors evaluate viability of their code generating capabilities.
Unsettled Regulatory and Legal Environment
This risk stems from increasing compliance complexity or costs due to regulatory changes following court decisions and elections. While not on the list in Q1, this is a result of a globally consequential election, which ranked as high as 4th on the emerging risks list in 2024. Many industries are waiting with bated breath for the sweeping changes to be announced or enacted in regard to regulatory requirements under the new administration.
Postelection Volatility
Defined as the risk of rapid changes due to new governments (e.g. US) and policies, this risk is also a result of the globally consequential election. International reactions to new policies continue to create near-term uncertainty.
Soft Ransomware Targets
This risk involves systems vulnerable to ransomware due to underinvestment or technical debt, leading to prolonged business disruptions. It emerged in Q4 2024 as organizations struggled with allocating appropriate resources across their array of systems, typically on basis of criticality, leaving some systems exposed.
Understanding these emerging risks is crucial for effective risk management and strategic planning. How do you see these risks impacting your organization?
Let us know at [email protected].
About the Gartner Quarterly Emerging Risk Report
The Gartner Quarterly Emerging Risk Report provides assurance leaders with a benchmarked view of 20 emerging risks and analyzes the connections between risk events, their causes and consequences. The report simplifies risk assessment and reporting, making complex scenarios easier to present to executive leaders and risk committees.
About Schneider Downs Risk Advisory Services
Schneider Downs’ team of experienced risk advisory professionals focus on collaborating with your organization to identify and effectively mitigate risks. Our goal is to understand not only the risks related to potential loss to the organization, but to drive solutions that add value to your organization and advise on opportunities to ensure minimal disruption to your business.
Explore our full Risk Advisory Service offerings or contact the team at [email protected].
