Economy, Cyber Threats and Talent Dominate List of Critical Near-Term Risks for Boards and Executives, Protiviti and North Carolina State University Survey Finds

Business leaders feel their organizations’ resilience and ability to navigate a dynamically shifting risk landscape has been battle tested

MENLO PARK, Calif., Feb. 13, 2025 /PRNewswire/ — Above all other concerns, the economy remains the number one risk keeping global business leaders up at night, according to a new survey from Protiviti and North Carolina State University’s ERM Initiative. The survey measures the most pressing business risks over the next 2-3 years, as well as a decade later. Economic uncertainty and volatility are expected to persist as leaders grapple with inflation, tariffs, geopolitical upheaval, growth in AI and other emerging technologies, and upcoming policy changes from new administrations globally.

Experience the interactive Multimedia News Release here: https://www.multivu.com/robert-half/9318151-en-protiviti-nc-state-near-and-long-term-business-risks-survey-results

The 13th annual survey, “Executive Perspectives on Top Near- and Long-Term Risks,” polled 1,215 board members and C-suite executives around the world about their views on 32 macroeconomic, strategic and operational risks facing their companies over the near-term (two to three years ahead) and the long-term (a decade later). In today’s interconnected risk landscape, business leaders face complex uncertainties but feel better prepared to operate in a volatile environment and keep pace with change.  

Top 10 Global Risks (over the next 2–3 years)

• Economic conditions, including inflationary pressures
• Cyber threats
• Ability to attract, develop and retain top talent, manage shifts in labor expectations, and address succession challenges
• Talent and labor availability
• Increases in labor costs
• Heightened regulatory change, uncertainty and scrutiny
• Third-party risks
• Rapid speed of disruptive innovations enabled by new and emerging technologies and/or other market forces
• Adoption of AI and other emerging technologies requiring new skills in short supply
• Emergence of new risks from implementing artificial intelligence

A notable change in the results is that board members and executives generally feel more positive about their organizations’ resilience, agility and preparedness to deal with crises or changes in the market. Resistance to change was ranked as the fourth biggest risk for companies in 2023 and has fallen to 17th place for this year’s survey, indicating that companies have established more agile business models and frameworks for identifying and responding to the unexpected with an increased level of flexibility in their strategic approaches.

“Despite the volatile economic environment with deglobalization, tariffs and the threat of trade wars, and changing regulation, leaders are feeling more confident that their organizations are battle-tested and better prepared to deal with disruption whether it’s anticipated or not,” said Matt Moore, Global Leader of Risk & Compliance at Protiviti. “Global leaders will need to tap into this confidence to adapt to evolving policies and a dynamic business landscape in the U.S. and abroad.”

Talent Risks Remain High: AI Risks Permeate Everything
Risks related to talent – whether challenges about attracting and retaining talent or increasing labor costs – occupy three of the top five short-term risks, indicating significant ongoing challenges. It is now clear that the risks AI poses are embedded in several of the other top 10 risks. This is especially true when looking at the talent-related risks. As AI technology evolves to agentic AI and physical AI, this will require widespread reskilling and upskilling, so that workforces are prepared to meet the demands of the future. 

It’s Not “If” But “When” For Cyber Attacks
Boards and C-suite leaders ranked cyber threats as the second most concerning risk over the next two to three years, outranked only by the economy. Cyber threats also represent the most-cited long-term operational risk for executives, with 31% selecting it among their two most concerning operational risk issues for the next decade.

“The widespread impacts of a cyber event permeate an entire company, which result in a number of potential risks – operational, financial, reputational and beyond. It’s imperative that CISOs have open and honest conversations with senior leadership and board members on the organization’s cyber risk profile. These discussions inform the steps taken to manage the variety of cyber threats that companies must face – including everything from risk of third parties with access to the company’s data or environment to nation state-sponsored attacks,” said Andy Retrum, Global Leader, Technology Risk & Resilience, Protiviti.

The Road Ahead: Top Risks for 2035
The study asked respondents to rank their top two risks a decade out across three risk categories:

Macroeconomic risk outlook:

1. Economic conditions, including inflationary pressures
2. Talent and labor availability

Strategic risk outlook:

1. Heightened regulatory change, uncertainty and scrutiny
2. Rapid speed of disruptive innovations enabled by new and emerging technologies and/or other market forces

Operational risk outlook:

1. Cyber threats
2. Ability to attract, develop and retain top talent, manage shifts in labor expectations, and address succession challenges

Many of the near-term risks continue to show up in the long-term assessment – the economy, talent and cyber remain center stage. While leaders may be confident about their ability to deal with change, it’s clear that the impacts of today’s risks are expected to persist into the next decade.

It is not just the top risks, but those a little further down the list that give insight into the risks on the rise for the next decade. Just over one-fifth (22%) of global executives ranked geopolitical shifts as one of their top two macroeconomic risks over the long term. Customer loyalty (22%) and supply chain (16%) were also on the minds of survey respondents, with a sizeable number selecting them as one of their top two operational and strategic risks respectively. 

Dr. Mark Beasley, professor of Enterprise Risk Management, director of North Carolina State University’s ERM Initiative and co-author of the report, said: “The best companies will see these risks as inherently interconnected. Too often, companies are looking at risks in silos where one hand isn’t consistently talking to the other. To address the future impacts of AI, geopolitical events and regulation, executives will need effective collaboration to strengthen their organization’s resilience.”

Resources Available

The “Executive Perspectives on Top Near-Term Risks and Long-Term Risks” report from Protiviti and North Carolina State University’s ERM Initiative provides detailed results and analysis broken out across executive positions and industry groups.

A webinar will be held Tuesday, Feb. 25 at 1 p.m. ET, where panelists will share key takeaways from the survey and explore the interconnected nature of emerging risks and their strategic implications. Panelists include Carrie McNish, Managing Director, People & Change, Protiviti; Constantine Boyadjiev, Risk & Compliance Analytics Global Leader, Protiviti; and Ryan McCarthy, Senior Director, Security & Privacy, Protiviti.

About Protiviti

Protiviti (www.protiviti.com) is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Protiviti and its independent and locally owned member firms provide clients with consulting and managed solutions in finance, technology, operations, data, digital, legal, HR, risk and internal audit through a network of more than 90 offices in over 25 countries.

Named to the Fortune 100 Best Companies to Work For® list for the 10th consecutive year, Protiviti has served more than 80 percent of Fortune 100 and nearly 80 percent of Fortune 500 companies. The firm also works with government agencies and smaller, growing companies, including those looking to go public. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI).

About North Carolina State University’s Enterprise Risk Management (ERM) Initiative

The Enterprise Risk Management (ERM) Initiative in the Poole College of Management at North Carolina State University provides thought leadership about ERM practices and their integration with strategy and corporate governance. Faculty in the ERM Initiative frequently work with boards of directors and senior management teams helping them link ERM to strategy and governance, host executive workshops and educational training sessions, and issue research and thought papers on practical approaches to implementing more effective risk oversight techniques (www.erm.ncsu.edu).