The Risk Wheelhouse
The Risk Wheelhouse is designed to explore how RiskTech is transforming the way companies approach risk management today and into the future. The podcast aims to provide listeners with valuable insights into integrated risk management (IRM) practices and emerging technologies. Each episode will feature a "Deep Dive" into specific topics or research reports developed by Wheelhouse Advisors, helping listeners navigate the complexities of the modern risk landscape.
The Risk Wheelhouse
S6E5: 2026 Convergence - Risk Management Must Be Integrated
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
The ground rules of risk have changed, and waiting for the next headline won’t save the balance sheet. We take you inside “The 2026 Convergence: Integrated Risk Management in a New Era” and map how cyber, AI, third parties, geopolitics, and reputation have fused into one risk surface. Instead of chasing alerts, we focus on disruption economics: what a breach costs per minute, which processes bleed first, and how quickly you can recover without compounding fines. Cyber stops being an IT story and becomes a CFO story.
We then unpack why AI is a systemic enterprise risk. The issue isn’t sci‑fi; it’s embedded algorithms making daily decisions with drifting models and murky provenance. Policies alone cannot govern dynamic systems, so we lay out how continuous testing, auditability, and a horizontal control layer protect legal, HR, security, and operations together. From there, we move into the ecosystem era, where vendors run your core functions and static questionnaires leave you blind. The fix is unifying taxonomies and evidence so a critical security finding halts a contract before renewal, not after the breach.
Zooming out, geopolitics is now the climate, not the storm. Sanctions, regulatory divergence, and state-backed cyber campaigns require decision-grade scenarios wired to live data: suppliers, SKUs, revenue, cash. Finally, we connect trust to operations. Reputation is no longer a slogan; it’s the measurable outcome of how you run, respond, and disclose. We share the four pillars of modern IRM—dependency-led visibility, continuous testable controls, scenario-driven decision support, and unified evidence—that turn fragmented signals into real resilience and a brand that survives.
If this resonates, follow the research at wheelhouseadvisors.com and read the full analysis free at risktechjournal.com. Like what you hear? Subscribe, share with your team, and leave a review with the pillar you’ll tackle first.
Visit www.therisktechjournal.com and www.rtj-bridge.com to learn more about the topics discussed in today's episode.
Subscribe at Apple Podcasts, Spotify, or Amazon Music. Contact us directly at info@wheelhouseadvisors.com or visit us at LinkedIn or X.com.
Our YouTube channel also delivers fast, executive-ready insights on Integrated Risk Management. Explore short explainers, IRM Navigator research highlights, RiskTech Journal analysis, and conversations from The Risk Wheelhouse Podcast. We cover the issues that matter most to modern risk leaders. Every video is designed to sharpen decision making and strengthen resilience in a digital-first world. Subscribe at youtube.com/@WheelhouseAdv.
Setting The Stakes
Ori WellingtonHello and welcome back to the Deep End. You are listening to another edition of the Deep Dive, broadcasting from the Risk Wheelhouse.
Sam JonesYou're in the right place.
Ori WellingtonI'm your host, Ori Wellington, and today we are doing something a little um a little different. Usually we look at a specific event, a breach, a new regulation, something that's already happened.
Sam JonesWe're usually reactive.
Ori WellingtonExactly.
Sam JonesYeah.
Ori WellingtonBut today we are looking at the map itself. We are looking at the blueprint of the building we're all standing in, and we're asking a very uncomfortable question. Is the foundation cracking?
Sam JonesOh, it's it's not just cracking. I think it's shifting. And it turns out the Mac we've all been using is, well, it's about 10 years out of date.
Ori WellingtonThat is the cheerful, reassuring voice of my co-host and fellow analyst here at Wheelhouse Advisors, Samantha Jones. Welcome back.
Sam JonesIt is great to be here. And you are right, the energy is different. We aren't reacting to a fire today. We're looking at the seismograph and realizing the big one isn't a single event anymore.
Ori WellingtonWhat is it then?
IRM Origins And Why It Matters
Sam JonesIt's the new normal.
Ori WellingtonRight. And to do that, we're digging into a piece of research that honestly it feels like a landmark. It's titled The 2026 Convergence: Integrated Risk Management in a New Era. And before we get into the heavy lifting, we should probably address the author. This isn't just an observation from the sidelines. This is coming from, you know, inside the house.
Sam JonesRight. This article is written by John A. Wheeler. He's the founder and CEO here at Wheelhouse Advisors. And for those listening who track the history of our industry, that name carries a very specific weight.
Ori WellingtonHe's the architect, isn't he?
Sam JonesIn many ways, yes. I mean, back in 2016, John was leading research into the industry, and he was the one who actually coined the term integrated risk management. IRM. IRM. He looked at the whole landscape of governance, risk, and compliance, GRC, and basically said, this is becoming a dusty compliance exercise. He defined IRM as the next evolution.
Ori WellingtonAaron Powell So 2016 was the birth of the concept. We're now looking at 2026, 10 years later. And the premise of this new article is that we have hit an inflection point. I have to say, inflection point is one of those corporate buzzwords I usually try to ban from the show. Why is it justified here?
Sam JonesAaron Ross Powell It's justified because the data is finally, finally on the same page. If you look at the major global risk surveys that drop every January, we're talking the heavy hitters here. Like who? Aon, Alliance, the World Economic Forum, Pertivity, PWC, Marsh, Zurich, the Eurasia Group. I mean, usually they are all over the place.
Ori WellingtonTrevor Burrus, Jr.: Everyone has their own favorite flavor of anxiety.
Sam JonesTrevor Burrus, Jr.: Exactly. One says climate is the doom scenario, another says it's the economy, another says it's talent retention. It's just noise.
Ori WellingtonAaron Powell But not this time.
Sam JonesAaron Powell Not in the 2026 survey cycle. There's a consensus emerging. And it's not just that they're agreeing on what the risks are: cyber, AI, geopolitics. They are agreeing on why our current way of managing them is failing.
Ori WellingtonAaron Powell And that why is really the core mission of this deep dive, isn't it? Trevor Burrus, it is. The argument here is that risk has stopped being a set of separate problems like the IT problem over there or the legal problem down the hall, and has become a single tangled web.
Sam JonesAaron Powell A convergence to use the title of the piece. And the scary part, or maybe the clarifying part, is that this web is exposing the fact that most companies are still operating in silos.
Ori WellingtonStill. After all this time.
Sam JonesOh, absolutely. The IT team secures the server, the lawyer reads the contract, the PR team drafts the press release, and none of them really know what the others are doing in context.
Ori WellingtonAaron Powell Which leads us to the thesis. The idea that integrated risk management is shifting from being an uh architectural aspiration.
Sam JonesAaron Powell A nice drawing on a whiteboard.
Ori WellingtonYeah, a drawing that makes the board feel good to an execution requirement.
Sam JonesAaron Powell Meaning if you don't integrate, you just don't survive. It's no longer about efficiency, it's about existential resilience.
Ori WellingtonAaron Powell Okay. That definitely sets the stakes. So the article outlines five specific trends in this convergence. I want to walk through them, but I really want to push past the headlines. Let's get into the mechanics.
Cyber Moves To Disruption Economics
Sam JonesLet's do it.
Ori WellingtonTrend number one it's the heavyweight champion still cyber risk.
Sam JonesStill number one. You see it across Olions, Aeon, Potivity, and PWC. But, and this is where it gets really interesting, the conversation in 2026 has fundamentally changed.
Ori WellingtonHow so? Because for the last, what, decade, cyber risk meant keep the hackers out.
Sam JonesIt was a fortress mentality.
Ori WellingtonLock the doors, patch the servers, train the staff not to click the phishing link. It was a security problem.
Sam JonesThat is the security mindset. John argues that we are now moving into a disruption economics mindset.
Ori WellingtonDisruption economics? That sounds expensive.
Sam JonesIt is extremely expensive. Think about it like this. In the old model, success was binary. Did we get breached? Yes or no? If the answer was no, the COSO gets a bonus. Simple enough. But in 2026, the assumption based on the sheer volume and sophistication of attacks is that incidents will happen. It's an inevitability.
Ori WellingtonSo the metric isn't did they get in anymore?
Sam JonesNo. The metric is what did it cost us per minute?
Ori WellingtonSo we're moving from the IT closet straight to the CFO's office.
Sam JonesPrecisely. It's all about business interruption. Let's say you're a manufacturer. If your email server gets hacked, that's annoying, but it's manageable. But if your operational technology, the software that's actually running the assembly line, gets hit with ransomware, you are bleeding millions of dollars an hour.
Ori WellingtonAaron Powell And the legacy approach, the old GRC model, it just treats those two servers as assets to be patched. It doesn't differentiate the economic value at all.
Sam JonesNot at all. IRM in 2026 requires what John calls integrated dependency mapping. You have to know that this specific server runs this specific revenue line. If you don't have that context, you're just playing whack-a-mole with the vulnerability scans.
Ori WellingtonThe article also mentions latency here. It's not just about the breach itself, it's about the recovery time.
Sam JonesCorrect. Does a breach halt operations immediately or is there a lag? And this is the crucial part, does it trigger a regulatory fine?
Ori WellingtonYou mean like GDPR?
Sam JonesExactly. If you lose data in Europe, that clock on GDPR notification starts ticking instantly. If you don't know which server holds European data because your risk data is in a silo, you've just compounded a cyber problem with a legal disaster.
Ori WellingtonSo an analogy popped into my head reading this. Tell me if this works. The old way was checking if the retail store's front door was locked at night.
Sam JonesOkay.
Ori WellingtonThe new way, this disruption economics, is knowing exactly how much sales revenue you lose for every 60 seconds that door is stuck shut during the Christmas rush.
Sam JonesThat is a perfect visualization. It completely shifts the power dynamic. The board doesn't understand SQL injection. No. They don't care about buffer overflows, but they absolutely understand we lost four million dollars in revenue because the checkout system was down for 90 minutes.
Ori WellingtonThat is the language of this 2026 convergence.
Sam JonesIt has to be.
Ori WellingtonSo if you're a risk manager listening to this, your job isn't just to report the hack, it's to report the price tag of the hack in real time.
Sam JonesExactly. And to do that, you need access to financial data, not just security logs. You have to know the value of the process being disrupted.
Ori WellingtonWhich is a perfect segue, actually. Because if we're talking about processes and we're talking about the year 2026, we have to talk about the technology that is increasingly running all of those processes.
Sam JonesOh, yes.
Ori WellingtonWe can't avoid it.
Sam JonesYou are talking about the elephant in the server room.
Ori WellingtonI am. Trend number two, artificial intelligence.
Sam JonesThe fastest rising risk across every single one of those surveys in 2026. Alliance calls it the biggest mover year over year. The World Economic Forum puts adverse AI outcomes right in their top tier of global risks.
Ori WellingtonBut again, let's get specific here. The media loves to talk about the terminator scenario. You know, robots becoming sentient, taking over the nuclear codes. Is that what we're actually worried about here?
Sam JonesNo, and honestly, the sci-fi distraction is a huge part of the problem. We are not worried about AI becoming sentient. We are worried about AI becoming embedded.
Ori WellingtonEmbedded in the boring stuff.
Sam JonesExactly. The really critical, boring stuff. We are moving from viewing AI as an innovation upside, you know, look at this cool chatbot, look at this code generator. Right the fun toys to viewing it as a systemic enterprise risk. Companies are rushing to put AI into their core business processes, lending decisions, supply chain logistics, customer service routing.
Ori WellingtonSo it's like we're building skyscrapers on a foundation of wet cement, and we aren't even sure what's mixed into the cement.
Sam JonesThat is the provenance problem that John highlights. Do you know where the AI learned its facts? If you're using a generative model to summarize legal contracts, and that model was strained on bad data or worse, copyrighted data you don't have the rights to, you have just created a massive silent liability.
Ori WellingtonAnd then there's model drift. This is a new term for me, but it sounds absolutely terrifying.
Sam JonesIt's critical. Think about standard software. If I install a word processor from TGL Cent and it works the same way today as it did back then, the code is static. Right. AI is different. It evolves, it learns, it can degrade.
Ori WellingtonIt changes its mind.
Sam JonesIt changes its patterns based on the new data it ingests. So an AI model that effectively screens job applicants in January might start developing a subtle bias against certain demographics by June just because of the data it's processing. It drifts away from the original baseline.
Ori WellingtonWow. So if you just set it and forget it, you could be breaking discrimination laws six months from now without even knowing it.
Sam JonesExactly. And this brings us right to the IRM implication. I hear this from clients all the time. Can't we just write a policy for this? Let's just have an acceptable use of AI PDF, have everyone sign it and call it a day.
Ori WellingtonThe classic cover your assets move.
Sam JonesThe CYA move. I told them not to do the bad thing, so it's not my fault if they do.
Ori WellingtonAnd what does the resource say about that?
Sam JonesIt says that is dead on arrival. Policy artifacts are not enough. You cannot govern a dynamic algorithm with a static document. You need continuous automated testing. You need to be able to audit the AI's decision making in real time.
Ori WellingtonAaron Powell So you basically need a machine to watch the machine.
Latency, Fines, And Board Language
Sam JonesIn essence, yes. AI risk has to be a horizontal control layer. It can't just sit in the IT department. It touches legal because of copyright, HR because of bias, operations because of reliability, security because of data leakage.
Ori WellingtonIt's everywhere.
Sam JonesRight. If you treat AI risk as some standalone program in a corner office, you are completely missing the convergence.
Ori WellingtonIt's the single risk surface. The AI isn't just a separate tool, it's becoming the glue that holds the business together. And if the glue fails, the whole building falls down.
Sam JonesAnd that glue is made of data that you often don't even own. Which flows perfectly into trend number three.
Ori WellingtonGo on.
Sam JonesBecause AI is hungry, it needs data, and businesses are hungry for speed. So where do they get the data and the speed?
Ori WellingtonFrom other people.
Sam JonesThey get it from other people. They rent it. They buy it.
Ori WellingtonWhich brings us to trend three: the ecosystem era. Third-party risk is no longer just a procurement headache, it's a top-tier enterprise threat.
Sam JonesI really resonated with the language John used here. The idea that organizations are no longer enterprises surrounded by castle walls. They are ecosystems.
Ori WellingtonIt's a biological metaphor and it really fits. Protivity and Alliance are both emphasizing this. You're an organism living in an environment. If your cloud provider gets sick, you get sick.
Sam JonesIf your payroll processor gets hacked, your employees don't get paid.
Ori WellingtonExactly. But we've known about vendors for decades. Why is this a 2026 convergence issue? What has actually changed?
Sam JonesIs it the depth of the dependency?
Ori WellingtonThat's a huge part of it. It's the depth and the criticality. In the past, a vendor might supply you with paperclips or cleaning services, annoying if they fail, but not catastrophic.
Sam JonesRight.
Ori WellingtonToday your vendors are holding your customer database, running your website, and processing your payments. You have outsourced your brain and your nervous system.
Sam JonesAnd yet the way we assess them hasn't really changed much, has it? We are still treating them like the paperclip guy.
Ori WellingtonThat is the failure mode.
Sam JonesYeah.
Ori WellingtonWe are still relying on the 400 question spreadsheet. You know the drill.
Sam JonesOh, I know it well.
Ori WellingtonYou send a vendor a questionnaire in January asking, Are you secure? They check yes. You file it away, done for the year.
Sam JonesAnd then in March, they change their server configuration, open a massive vulnerability, and you have absolutely no idea.
Ori WellingtonYou're flying blind for 10 months. That snapshot in time assessment is completely archaic. It just doesn't work for real-time dependencies.
Sam JonesBut the bigger issue John identifies is the Tower of Babel problem inside the company itself.
Ori WellingtonIt's a taxonomy issue.
Sam JonesExactly. Procurement cares about price and speed. Security cares about firewalls and encryption. Legal cares about liability and indemnity. Audit cares about compliance.
Ori WellingtonThey're all looking at the same vendor.
Sam JonesBut they are speaking different languages and using completely different data sets.
Ori WellingtonSo the nightmare scenario is procurement renews the contract because the price is good, completely unaware that security just flagged a critical vulnerability in that exact vendor's software.
Sam JonesIt happens all the time. The left hand is shaking the vendor's hand while the right hand is holding a warning sign that nobody sees.
Ori WellingtonSo what's the IRM solution here?
Sam JonesIt's about unifying taxonomies. You need a shared dictionary, so everyone is on the same page, and you need unified evidence.
AI Becomes A Systemic Risk
Ori WellingtonMeaning if security finds a flaw, that has to trigger a red light on the procurement dashboard immediately.
Sam JonesBefore the check is signed, not after.
Ori WellingtonIt seems so obvious when you say it out loud.
Sam JonesIt does, but it requires a level of integration that most companies just don't have. It requires breaking down the political walls between departments.
Ori WellingtonYeah.
Sam JonesThat's why it's so hard. It's culture as much as it is code.
Ori WellingtonOkay, let's recap the stack we've built so far. We have cyber disrupting our economics, we have AI embedding itself in our core processes and occasionally drifting off course, and we have a sprawling ecosystem of vendors we barely control.
Sam JonesA precarious stack.
Ori WellingtonVery. Now let's zoom out. Way, way out. To the map of the world itself.
Sam JonesTrend number four geopolitics as the baseline.
Ori WellingtonThis is the heavy one. The World Economic Forum, the Eurasia Group, PWCC, they all cite geopolitical volatility as a dominant force. But again, let's look for the shift. Wars and trade disputes are not new.
Sam JonesNo, humans have been doing that forever.
Ori WellingtonSo what is the 2026 angle on this?
Sam JonesThe shift is from periodic shock to structural condition.
Ori WellingtonUnpack that for me. What is the real difference between a shock and a condition?
Sam JonesWell, traditionally, businesses treated a war or a trade sanction like a hurricane. It's a storm, it hits, you batten down the hatches, it passes, and then you rebuild.
Ori WellingtonIt's an event, something you survive.
Sam JonesExactly. And now it's the climate. It's not a storm. It's the fact that it just rains every single day. Trade restrictions, regulatory divergence between the US, EU, and China, state-sponsored cyber campaigns. These are permanent features of the operating environment.
Ori WellingtonAaron Powell So you can't just wait it out anymore. You can't say, oh, we'll just wait for things to calm down.
Sam JonesAaron Powell Because they won't calm down. Volatility is the baseline. That means the old tool, the annual scenario exercise is basically useless.
Ori WellingtonOh, I know this one. The executive retreat, where everyone goes to a nice hotel, drinks good wine, pretends China invaded Taiwan for four hours.
Sam JonesLooks at some scary charts.
Ori WellingtonAnd then goes to dinner feeling very strategic.
Sam JonesPrecisely. It's academic, it's role-playing, it's a fun intellectual exercise, but it rarely changes what happens in operations on Monday morning. John argues we need decision grade scenarios.
Ori WellingtonDecision grade. That implies money is on the table.
Sam JonesIt means your scenario planning has to be wired directly into your live business data. Let's create a scenario. Imagine the U.S. government announces a new sanction on semiconductor exports to a specific region on a Tuesday morning.
Ori WellingtonOkay, Tuesday morning, the news breaks.
Sam JonesThe old way, you might discuss it in a meeting on Friday. The new way, you need to know by Tuesday afternoon which of our vendors are in that region? Which of our products rely on those specific chips? What is the immediate revenue impact? And do we need to trigger a capital reserve right now?
Ori WellingtonYou can't wait for the annual retreat to figure that out. You might not even have until Wednesday.
Sam JonesSpeed is the only real defense against volatility. You have to connect the geopolitical headline to the supply chain node instantly. That is what a true IRM platform does. It connects the macro threat to the micro dependency.
Ori WellingtonIt connects the CNN headline to the server rack.
Sam JonesYeah, to the bank account.
Ori WellingtonWhich brings us to the final trend. Trend number five. And honestly, after talking about cyber warfare and global conflict, this one might feel a bit soft.
Sam JonesIt might seem that way at first.
Ori WellingtonBut the source material argues it might be the deadliest of them all.
Sam JonesWe are talking about trust and reputation.
Ori WellingtonThe erosion of trust. The WEF lists misinformation and disinformation as a top-tier risk. Marsh and Zurich are talking about it constantly.
Sam JonesAnd it's so easy to dismiss this as just a PR problem. You know, oh, people are saying mean things about us on social media. Right. But John takes a very specific, very hard-nosed angle here. He says reputation is no longer an abstract brand concern, it is a managed outcome.
Ori WellingtonExplain that. How do you manage trust? Like you manage a server or a budget.
Sam JonesBy realizing that trust is the direct result of your operational signals.
Ori WellingtonOperational signals. What does that mean?
Sam JonesThink about the sedu gap. If your CEO goes on CNBC and says, we value customer privacy above all else, but your operational data shows you haven't patched a critical vulnerability in your customer database in six months. That gap is where reputation goes to die.
Ori WellingtonAnd in 2026, the truth always comes out, leaks happen, whistleblowers happen, regulators dig deep.
Sam JonesExactly. In this era of pervasive misinformation where anyone can say anything about you, your only real defense is radical evidence-based transparency. If you have a cyber incident, do you hide it? Or do you have the integrated data to explain exactly what happened, what was lost, and how you fixed it within hours.
Ori WellingtonSo trust isn't about the logo or the Super Bowl commercial anymore. Trust is do your systems actually work and do you tell the truth when they don't?
Sam JonesPrecisely. The insight here is trust is an outcome of integrated risk execution. You cannot have a good reputation with bad risk management. They are now the exact same thing.
Ori WellingtonThat is a profound shift. It means the risk manager isn't just protecting the downside anymore, they are actively protecting the brand promise.
Sam JonesThat's it.
Ori WellingtonIf you cannot link your incident response data to your executive communication strategy, you are flying into a storm without a radar.
Sam JonesAnd that brings us to the synthesis. We've looked at the five threads, now we have to see the web.
Ori WellingtonAnd John's article sums it up with a pretty bold statement, I thought. He says, risk fragmentation is now the primary failure mode.
Model Drift And Continuous Testing
Sam JonesIf you are fragmented, you fail. It's that simple. Let's trace the chain reaction we just built. It's a domino effect, but the dominoes are falling in every direction at once.
Ori WellingtonOkay, let's walk through the nightmare scenario. Paint the picture of fragmentation in action.
Sam JonesOkay. A geopolitical event, say, a new trade war triggers a sudden supply chain disruption. That disruption forces you to onboard a new unvetted vendor very quickly because you just need the parts to keep the factory running.
Ori WellingtonOkay, so now I have a third-party risk because I skipped all the checks.
Sam JonesRight. And that new vendor uses a custom AI tool in their logistics that you haven't audited. That AI tool has a subtle security flaw or a data bias.
Ori WellingtonNow we've got a cyber risk and an AI risk, all from one vendor.
Sam JonesExactly. Hackers exploit that flaw to breach your customer data. Now you have a disruption economics problem, your revenue halts, your website is down. And then because your teams are siloed, your PR team goes out and denies the breach while your IT team is desperately trying to fix it. The public finds out you lied, and now you have a Massive reputation crisis.
Ori WellingtonAnd the stock price tanks. And the CEO gets fired.
Sam JonesAll because the initial geopolitical signal from that trade war wasn't connected to the vendor onboarding process.
Ori WellingtonThat is absolutely terrifying. But we aren't here just to scare people. We're here to offer the solution. The article defines the new era of IRM with four distinct pillars. This is the solution kit.
Sam JonesLet's run through them. It's the roadmap out of the mess.
Ori WellingtonPillar one.
Sam JonesDependency-led risk visibility. You have to see the whole ecosystem, no more blind spots. You have to know how the legal department connects to the server room, connects to the vendor in Asia.
Ori WellingtonPillar two.
Sam JonesContinuous testable controls. No more of this once-a-year assessment nonsense. You need to know if the control is working right now. If the lock is broken, you need to know before the burglar tries the handle. Scenario-driven decision support. Tying those big geopolitical shifts directly to business outcomes and money. Making risk data speak the language of the CFO.
Ori WellingtonAnd finally, pillar four.
Sam JonesUnified evidence and assurance. This is critical. Everyone audit, risk, compliance, security. They all need to be looking at the same single source of truth. One set of books. No more arguing over whose spreadsheet is correct during a crisis.
Ori WellingtonIt's a tall order. It sounds like a massive cultural shift as much as it is a technological one.
Sam JonesIt is. But as John puts it, organizations that treat IRM as a platform for management execution rather than just a reporting framework are the ones that will convert risk insight into real resilience.
Ori WellingtonAnd resilience is the only competitive advantage that really matters in a world this volatile. If you can take a punch and keep moving while your competitor crumbles, you win.
Sam JonesExactly. You stop being the department of no and you start being the department of how.
Ori WellingtonHow to survive, how to grow. That is a powerful place to be.
Sam JonesIt is the only place to be in 2026.
Ori WellingtonWe've covered a massive amount of ground today. We've gone from disruption economics to the ethics of AI to the geopolitics of trade. Now, for the listener who is sitting there thinking, I need to show this to my boss, or I need to understand the specific metrics behind this, where should they go?
Sam JonesWell, first, everything we've talked about today comes from the research done right here at Wheelhouse Advisors. We are based in Atlanta, but our research is global. You can find more about our broader work at wheelhouseadvisors.com.
Ori WellingtonAnd the specific article that we've been breaking down.
Sam JonesThe 2026 Convergence is available to read right now at risktechjournal.com. That's our free standard publication. And it's a fantastic resource for keeping up with these trends without a paywall.
Ori WellingtonHowever, and I know our audience, some of you are practitioners. You're the ones in the trenches. You need the deep metrics. You need a specific vendor analysis. You need the stuff you can take to the board to justify a million-dollar budget.
Sam JonesFor those people, you absolutely need the RTJ Bridge. That is our premium version of the Risk Tech Journal. We publish in-depth research notes every week. It provides the type of insights you would usually find in a high-priced research subscription from one of the massive analyst firms, but at a fraction of the cost.
Ori WellingtonIt's the smart play. You can subscribe at rtj-bridge.com. That's rtj-bridge-bridge.com.
Sam JonesI'd say it's highly recommended. If you want to survive the convergence, you're going to need the bridge.
Ori WellingtonI love that. Okay, before we sign off, I want to leave our listeners with one final, perhaps slightly provocative thought to chew on.
Sam JonesGo for it.
Ori WellingtonWe talked about how trust is an outcome. We talk about how integrated risk is the nervous system of the company. If all that's true, if risk management is what actually keeps the promises the company makes, does that mean the risk manager is now the most important guardian of the brand, more important than the chief marketing officer?
The Ecosystem Era Of Third Parties
Sam JonesThat is a very dangerous question to ask in a room full of marketers. But looking at the 2026 landscape, looking at how fragile reputation has become, I think you might be right. The brand isn't what you say anymore. The brand is how you survive.
Ori WellingtonSomething to mull over on your commute.
Sam JonesYeah.
Ori WellingtonThank you for diving deep with us today.
Sam JonesSee you at the deep end.
Ori WellingtonBye for now.