Risk-!n 2025: A Dynamic Journey for GRC Professionals in Zurich

Key Takeaways:

• Risk is no longer just about compliance; it’s about enabling decision-making and performance.
• Resilience must be integrated into business strategy, with a focus on quantifying risk exposure and embedding resilience at every level.
• Cyber resilience is best achieved through collaboration, intelligence sharing, and mutual support among organizations.
• Technology is reshaping the GRC landscape, with AI and real-time data becoming essential tools for risk management.

Deep Dive

Risk-!n 2025 in Zurich was far from just another GRC conference. It was a gathering that transcended the usual discussions around compliance and risk management. As media sponsors, we had the privilege of witnessing an event that felt like a catalyst for change—a space where over 300 professionals came together, sparked conversations, and explored how governance, risk, and compliance can be more than just a regulatory checkbox.

One of the key moments that set the tone for the event was Michael Rasmussen’s keynote. A seasoned veteran in the GRC space, Rasmussen captivated the audience with his belief that risk is not something to fear, but rather something to embrace.

“Risk is our business,” he quoted from Star Trek, bringing the spirit of exploration and decision-making into the realm of business. He made it clear that risk is inherent in every business, and the key is not to avoid it but to align it with business objectives and decision-making. Gone are the days when risk was something to be handled in isolation, a mere exercise in compliance. Today, it’s about enabling performance and helping organizations make smarter, faster decisions.

Rasmussen didn’t shy away from pointing out the flaws in traditional risk management. He reminded us how many companies are still operating in reactive mode, looking in the rear-view mirror instead of focusing on the road ahead. According to him, risk management should be proactive, integrated into every part of the business, and aligned with strategic goals. It's about taking the right risks, not just any risks, and navigating them with agility.

Risk and Resilience Takes Center Stage

Throughout the conference, it became clear that resilience is no longer a secondary consideration for businesses. It’s central to how organizations thrive in an increasingly unpredictable world. Maximilian Glodde from MEO Continuity and Didier Odorico from BD shared how organizations are shifting away from business continuity being a box-ticking exercise to making it a strategic priority.

For them, resilience isn’t something you plan for after a disruption occurs, it’s about being ready before the storm hits. They emphasized that, in today’s world, companies need to quantify their risk exposure and embed resilience into their operations from the very beginning. Glodde, in particular, put it best when he said that the real challenge is no longer just writing a business continuity plan; it’s about ensuring that the plan will actually make the organization resilient.

The conversation around cyber resilience took a compelling turn with François Beaume from Sonepar and Charles de la Horie from MIRIS. They explained how the mutual captive insurance model is helping companies, including Sonepar, build better resilience against cyber risks. With the rise of complex and frequent cyber threats, traditional insurance markets can no longer offer stable and affordable coverage. Instead, a more collaborative approach, where organizations share risk, intelligence, and resources, is proving to be the answer.

The benefits of this model became clear when Beaume recounted a ransomware attack at Sonepar that was mitigated by the real-time sharing of threat indicators within the MIRIS community. This collective approach not only helped Sonepar manage the attack more effectively but also reduced the impact on other companies within the network. It was a powerful example of how collaboration can build stronger cyber resilience.

What stood out the most from Risk-!n 2025, though, was the overwhelming sense of community. The event wasn’t just a place to sit and listen, it was a space to engage, discuss, and challenge each other on the future of risk management. This kind of active participation highlighted the growing desire among professionals to not just understand GRC concepts but to implement them in ways that drive tangible value for their organizations.

While we’ve touched on some of the standout moments, Risk-!n 2025 was filled with even more thought-provoking keynotes, discussions, and workshops that we couldn’t possibly cover in one article. From deep dives into the future of AI in risk management to dynamic conversations about evolving regulations and governance frameworks, the event was packed with valuable insights.

Industry experts, thought leaders, and innovators took the stage, each offering unique perspectives on how businesses can stay ahead of emerging risks, adapt to changing landscapes, and foster a culture of accountability and resilience. These sessions left attendees not only informed but also inspired, sparking new ideas for tackling the complex challenges that lie ahead. The breadth of knowledge shared throughout the event highlighted just how quickly the GRC space is evolving, with fresh ideas and practical solutions emerging at every turn.

Showcasing Innovation

Beyond the thought-provoking discussions, the event’s vendor exhibits were buzzing with innovation. With 22 vendors showcasing cutting-edge solutions, it was evident that the future of GRC is technology-driven. AI, real-time data analysis, and predictive risk modeling are no longer the stuff of science fiction; they are the tools that are reshaping how organizations approach risk and compliance. The conversations around these tools felt like a glimpse into what the next generation of risk management will look like.

As the event wrapped up, it was clear that Risk-!n 2025 was pushing the boundaries of traditional GRC and embracing a more integrated, forward-thinking approach. The feedback from attendees was overwhelmingly positive, with many expressing how much they appreciated the opportunity to connect with like-minded professionals and experts who are equally passionate about shaping the future of risk management.

In the end, Risk-!n 2025 was about building a community of professionals ready to confront those risks head-on and turn them into opportunities. We left Zurich inspired and energized, knowing that the future of GRC is in good hands. It’s clear that risk is no longer just a side function within organizations but rather it’s the heart of business strategy.

Risk-!n 2025 was a perfect reminder that GRC is evolving. It’s not just about preventing failure anymore, it’s about enabling success, building resilience, and embracing the future with confidence.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.