UNIVERSITY PARTNERS
The College of William and Mary
Eastern Virginia Medical School
George Mason University
George Washington University Virginia Campus
Hampton University
James Madison University
Norfolk State University
Old Dominion University
Shenandoah University
University of Virginia
Virginia Commonwealth University
Virginia Military Institute
Virginia Polytechnic Institute and State University
Virginia State University
Virginia's Center for Innovative Technology
Industry Partners
Join IDHS through the Industry Affiliates Program
|
Guest Column
Offense vs. Defense: The Risk Management Clock is Ticking
By Peter L. Higgins, 1SecureAudit
What side of the risk field do you play on in your organization? A mix of both offense and defense is a prudent way to hedge any potential losses. Unfortunately, many don't spend nearly enough time being proactive and managing future risk.
Proactive and preventive risk management requires a layered and active intelligence program. It assumes that dedicated resources and personnel are spending a majority of their time scanning the horizon for new threats. It means devoting more time to asking, "What if"? This kind of investment will produce the new thinking and strategy that can prevent a potential new loss.
At a recent conference, Ms. Frances Fragos-Townsend, Deputy National Security Advisor for Combating Terrorism in the National Security Council, addressed this exact topic of proactive risk management. She urged businesses to get out of consequence-management mode and into the risk-management mode. She was right on target. Businesses don't spend enough time thinking ahead and looking toward the horizon. We need to be actively thinking about where the next risk of loss will come from and prepare for it.
How many play minutes did your board of directors spend in the last meeting on dealing with consequences (defense) as opposed to managing the risks of the future (offense). For a look at what risks your company and our planet will face in the next two decades, take a look at the Seven Revolutions Initiative, which attempts to describe what the world will look like in 2025. This goal of this project is to promote strategic, forward-looking thinking among current and future leaders about how the world will change over the next 25 years and what that change will mean for international leadership. One visit to the Seven Revolutions website will convince you that we all have a tremendous amount of planning to do if we are going to be able to respond to the risk and change ahead of us.
For example, survival in the year 2025 as a company in the healthcare industry might require a radical rethinking about where your profits will be coming from and what type of R&D you should be working on now. "If you have children or grandchildren under the age of ten, the introduction of genetic medicines and therapies could help many of them live to be 120 years old - maybe older."
Survival in the year 2025 as a financial services company will require a mindset shift about the business you are really in. Advances in technology, a widening income gap and the globalization of trade will change the face of commerce. "The accumulated wealth of the 225 richest individuals in the world will be equivalent to the combined annual revenue of 2.7 billion people at the bottom of the global income ladder."
And what about conflict in the year 2025? "More than 100 countries are believed to be seeking to develop offensive information-warfare capabilities. About a dozen states now either possesses or are actively pursuing offensive biological and chemical capabilities for use against their perceived enemies, whether internal or external. Over the next 25 years, it is expected that the lines between lawlessness, crime, disorder, terrorism and war will become increasingly blurred, challenging governments to the limits in terms of managing and containing threats."
And how many offensive minutes did you spend with your team last month, last quarter or last year? Are you ready?
At the Governor's Homeland Security Conference held October 28-30, 2003 at the Virginia Military Institute, the "offensive coordinator" in me came alive. There were several compelling presentations and demonstrations over those two days that were very noteworthy. However, only one speaker inspired me to design a game plan for an offensive risk management initiative in my own corporate back yard: Major General Claude E. Williams, Adjutant General of the Commonwealth of Virginia.
The Governor of Virginia appointed Major General Williams the Adjutant General on October 1, 1998. He is the agency head of the Virginia Department of Military Affairs. His presentation was entitled, "The Role of the Citizen Soldier in Homeland Security." His presentation illustrated the need for ordinary citizens to step up and help replace the lost leadership of the National Guard who have been deployed to posts around the world. The presentation by The Honorable John Hager, Assistant to the Governor for Commonwealth Preparedness, on "Bridging National Policy to State and Local Implementation" put it all into perspective. The private sector needs to secure the safety of its employees and infrastructures with a new derivative of the Community Emergency Response Team (CERT), a program created to "harness the power of every individual through education, training, and volunteer service to make communities safer, stronger, and better prepared to respond to the threats of terrorism, crime, public health issues, and disasters of all kinds."
Upon returning from the conference I made a decision to begin organizing a "Corporate" Emergency Response Team (CERT) for my building in Tysons Corner. First I met with my local Fairfax County CERT coordinator, Robert Mizer to tell him about my plan. Then I prepared a letter outlining the steps I would be taking to organize the companies and firms in my building for a volunteer team to be trained by Fairfax County. The training covers certifications in CPR, first aid and fire suppression. It also addresses disaster psychology and teaches how to lead a team in the face of catastrophe.
According to the CERT Instructor's Guide, "Studies of behavior following disasters have shown that groups working together in the disaster period perform more effectively if there has been prior planning for disaster response. These studies show that organized grassroots efforts may be more successful if they are woven into the social and political fabric of the community and neighborhood associations, schools, workplaces, places of worship and other existing organizations."
As a result of the efforts of a single, local citizen soldier, our building recently held its CERT volunteer kick-off meeting. Our training and certifications will be completed six weeks after our start date in early January.
So I ask you: Are you spending your risk management time playing offense or defense? When was the last time you exercised your Business Crisis and Continuity Management plans? More important, when was the last time you did so in concert with the rest of the companies in your building or business park?
This issue of preparedness is really about corporate leadership and securing the well-being of our employees and our businesses. In the event of an attack on our homeland, we will be looking to the leadership of our corporations, which are responsible for 80% of the nation's infrastructure.
The clock is ticking. Let's stand by our National Guard and armed forces by taking the offensive in the fight against terrorism.
Peter L. Higgins is Managing Director of 1SecureAudit LLC, an Operational Risk Management Solutions firm with headquarters in McLean, VA. He can be reached at higginsp@1SecureAudit.com
|
|
