World Monitor Mag, Industrial Overview WM_November_2018_WEB_Version | Page 83
additional content
struggle to identify them. Given limited
resources, businesses prepare and
governments regulate for the risks that
they can see. But those are often not
the right ones to focus on.
Call them black swan events, surprises,
blind spots, or asymmetric threats.
The challenge for organizations is to
find a strategic way to mitigate these
often lethal, always unpredictable risks
without “boiling the ocean” with multiple
analyses, wasting their money trying
to prevent a wide variety of potential
crises, or having multiple departments
develop separate crisis-prevention
functions.
Even though the precise time, place,
form, and effects of these events
can’t be foreseen, such events can be
better prepared for. This requires a
fundamental mind shift from a focus on
battling specific threats to a threat-
agnostic approach. When you take this
approach, you focus on what might be
called meta-readiness: preparing your
own innate ability to handle any type
of crisis that emerges. You develop
the ability to judge when a crisis is
imminent; to respond to it swiftly and
effectively; to receive and send critical
information at the speed of business
relevance; and to take whatever actions
are required in the moment — with
flexibility and the kind of organizational
muscle memory that comes from
multiple rehearsals.
In short, you build up your capabilities
to manage the chaos that follows any
large-scale upheaval.
There are at least four broad classes of
asymmetric threats:
• Unprotectedinfrastructure
• Vulnerabletechnology
• Underestimateddisasters
• Innovativegeopoliticalattacks
Each of these threat ecosystems has
its own way of surprising people. Each
can be spurred, through a combination
of factors, to spin off a sudden tornado-
like disaster. The best stance is to
recognize their dynamics, and then
look closely at your company’s missing
capabilities, and the critical path for
closing that gap.
1. Unprotected
infrastructure.
A natural disaster, a terrorist attack,
or simply a prolonged deterioration
can diminish the continued operation
and efficiency of embedded large-
scale infrastructure — including public
systems for transportation and power,
or private systems such as commercial
ports and financial exchanges.
Also vulnerable are many of the legal
measures and regulations put in place
to protect these infrastructures. These
systems, upon which society depends,
have been shown to be vulnerable to
such a complex combination of factors
that organizations and governments
Consider the artery of a nation: the U.S.
power grid —
a highly complex, highly decentralized
enterprise that is vulnerable to attack.
More than 3,300 utilities deliver
power from natural gas, coal, nuclear,
hydroelectric, and other power plants
through 200,000 miles of high-voltage
transmission lines; more than 5 million
miles of distribution lines bring power to
hundreds of millions of U.S. homes and
businesses. A structural breakdown or a
coordinated attack — which, according
to the U.S. Department of Homeland
Security, Russian cyber actors may
already be positioned to accomplish —
could cause power losses across large
portions of the United States lasting
from hours to weeks. In Puerto Rico,
Hurricane Maria left residents without
power for as long as 10 months.
Weather-related outages, coupled with
aging infrastructure, are estimated to
have cost the U.S. economy an inflation-
adjusted annual amount ranging
between $18 billion and $33 billion
between 2003 and 2012.
Beyond the substantial direct economic
costs of a large-scale failure in the
grid, the damage could cascade to
other critical nodes of a region’s
infrastructure. Without easy access to
electric power, nearly everything would
sooner or later be disrupted: banking,
the Internet, the stock market, the water
supply, the food supply, sewage, roads,
hospitals, military operations, fuel, and
air traffic control.
The catastrophic earthquake that
struck Haiti in January 2010, for
example, damaged roads and buildings
essential for escape and recovery,
supported by EUROBAK
81