Survival: Experiential Learning to the Rescue...

Change is in the wind.  You have heard this before and the truth is, that this is not anything new.  We have only started to understand however, how the accelerating pace of change, is impacting us.

The number of App's staring at you in the palm of your hand should be one indicator.  How many are you using on a daily basis now?  No longer are we spending a work day logged into an e-mail client, our word processor and maybe the spreadsheet or database application.

The pace of change and the number of places we access our valuable daily information is rapidly taking over our lives.  We have seen the growth of Fortnite now at exponential proportions and little did Potomac Computer Systems, now Epic Games know what was ahead of them upon their founding in 1992.

In the gaming industry they have genre(s) and Fortnite is a survival game:

Survival games are a subgenre of action video games set in a hostile, intense, open-world environment, where players generally begin with minimal equipment and are required to collect resources, craft tools, weapons, and shelter, and survive as long as possible. Many survival games are based on randomly or procedurally generated persistent environments; more-recently created games are often playable online, allowing multiple players to interact in a single persistent world. 

Wake up corporate management.  As you proceed to continue your growth in your particular industry over the next decade, think about the pace of change.  How fast will you be able to pivot, adapt and survive in your persistent environment?

Think about your latest strategic endeavors that you have launched in the past year.  Has the process and goals been achieved, without some level of challenge, disruption or even misdeeds?  The likelihood is, that somewhere along the way, the project, the business or the endgame was at risk.  Perhaps not a total failure, yet not the envisioned outcome.

It is this game of perceived survival and the new pace of change in our lives, that is the greatest Operational Risk before us.  How will we mitigate the risk of such rapid change?

Experiential business learning is a vital way forward.

"Experiential business learning is the process of learning and developing business skills through the medium of shared experience. The main point of difference between this and academic learning is more “real-life” experience for the recipient.[31][32][33]

This may include for example, learning gained from a network of business leaders sharing best practice, or individuals being mentored or coached by a person who has faced similar challenges and issues, or simply listening to an expert or thought leader in current business thinking.

Providers of this type of experiential business learning often include membership organisations who offer product offerings such as peer group learning, professional business networking, expert/speaker sessions, mentoring and/or coaching."
How are you capitalizing on the people in your organization who are part of an external group or other network of like-minded professionals?  It's difficult if you don't even understand who or where your own employees are interacting on a daily basis outside your company.

So what?

Perhaps the place to start is by asking people.  Ask them over coffee in the corporate food court or that new Open Space floor plan with the "Bistro" on every other floor.  What if they told you, that they were a member of an external or virtual organization because they could not find the information or the people with the expertise inside your own organization?

Your goal is to figure out how to capitalize on all of these external groups, organizations and "Experiential Business Learning," that is going on within your own company today.

 How might you capture that passion and the excitement this individual has for the network or "Virtuous Insurgency" they are learning from everyday?

The Operational Risks before you, spans the number of people in your team who are learning somewhere else X the number of other networks they are affiliated with.

Who on your team is gaining new insight somewhere else?  Who are building valuable relationships outside the perimeter.  Who are living in a new unpredictable world of survival...without you even knowing about it.

What could you be learning today?

Certainty: Solutions for an Unpredictable World...

As the moon rises on a distant horizon, vital leaders across our globe are gaining new strategic foresight to continuously adapt their enterprise.

The future horizons in the mid-2000's are now on their mind and for good reason.  All of us are operating at increasing speed, in an unpredictable world:

• Computer Virus
• 9/11 2001
• Hurricanes Harvey & Katrina
• Financial Crisis 2007-2008
• Deep Water Horizon
• San Bernardino Attack 2015
• Las Vegas Shooting 2017

What is the certainty that the Operational Risks in the next 20 years, will be a replay of the variety and spectrum of loss events we have witnessed in the past 18 years.  The difference is that they are accelerating.  What have we learned?  What are we doing about it?  How are we changing?  Why?

Solutions for resilience in motion in our "Unpredictable World" span the domains of people, processes, systems and external events.  Operational Risk Management (ORM) is a discipline that can be applied in most any size enterprise including government.

When you are seated around the meeting room with your leadership team, what do you see?  People who are in charge of teams, business units, departments, subsidiaries, portfolio investments and other assets of the enterprise.  You are counting on them to be prepared, to be predictive and to be proactive.  Are they?

You see, after all of the lessons learned and the After Action Reports (AAR) have been written and published, it seems to come back to the fundamentals.  It is history repeating itself.  Will our future world continue to be unpredictable?

If you said yes, then what are you doing about it?  Let's go back to that group of leaders sitting around the conference table.  Who have they engaged outside your enterprise to back them up to help them be more prepared, predictive and proactive?

The truth is, that you are behind the solutions curve.  Even your simple, yet effective Business Continuity Plan is outdated and gathering dust on the bookshelf.  The crisis team is far too preoccupied with the next news story or "Tweet," that may have an impact on the stock price.

The truth is, our unpredictable world is actually certain and we only have a limited amount of time until the next crisis, to prepare and adapt...

SOC: Statement of Truth...

Global transnational organizations who provide 24x7 Business Resilience Intelligence and executive security protective details are on the rise. Corporate personnel who must travel to high risk regions of the globe, realize the requirement for a minimal, yet comprehensive security envelope.

Back at the Business Resilience or "Security Operations Center" (SOC), you will find a team of subject matter experts working in concert, to continuously enhance the Operational Risk Management matrix. One set of analysts are tasked with the media review and real-time intelligence collection from Open Sources. One example could be CNN or even more regional sources such as Alhurra:

Alhurra (Arabic for “The Free One”) is a commercial-free Arabic language satellite television network for the Middle East devoted primarily to news and information. In addition to reporting on regional and international events, the channel broadcasts discussion programs, current affairs magazines and features on a variety of subjects including health and personal fitness, entertainment, sports, fashion, and science and technology. The channel is dedicated to presenting accurate, balanced and comprehensive news. Alhurra endeavors to broaden its viewers' perspectives, enabling them to make more informed decisions.

Another set of analysts are sifting through online intelligence portals such as Opensource.gov or Data.gov . However, when you have a specific executive who is traveling to a specific country, there are more detailed plans and substantial advance work that takes place.

These facets of corporate enterprise risk and operational risk management (ORM) are vital to protect human assets and the ongoing continuity of business operations. Situational awareness enhancement is a 24/7 x 365 day process.

Whether your business takes you to Pakistan, Paris, Toronto or London the risk of bombing, or criminal elements are a real potential threat:

LONDON — An 18-year-old Iraqi asylum seeker was sentenced on Friday to life in prison in Britain after he was convicted of attempted murder in the botched bombing last September of a rush-hour train on the London Underground, which injured 30 people.

Ahmed Hassan was convicted last week after he left the bomb that partially exploded one stop after he had disembarked. The explosion triggered a stampede that injured tens of passengers.

Executive Protection details have been utilizing the compendium of wisdom and research that is found in Gavin De Becker's publication, "Just 2 Seconds" and for good reason:

"Think of every assassination you've ever heard about. For most people, a few of these major ones come to mind: Caesar, Abraham Lincoln, John Kennedy, Martin Luther King, Mahatma Gandhi, Indira Gandhi, Anwar Sadat, John Lennon, Israel’s Prime Minister Rabin, Pakistan’s Benazir Bhutto.

From start to finish, all of these attacks — combined — took place in less than one minute. And the hundreds of attacks studied for this book, all of them combined, took place in less than a half-hour. Those thirty minutes, surely the most influential in world history, offer important insights that can help today’s protectors defeat tomorrow’s attackers."

Operational Risk is far more pervasive than just the detection of fraud, mitigating the loss events from internal information theft or the "All Threats, All Hazards" approach to the "Continuity of Business Operations."  It's been said here before and it's worth repeating again this statement of truth:

"Attackers use tools to exploit a vulnerability to create an action on a target that produces an unauthorized result to obtain their objective."

Whether you utilize this statement within the context of your digital domains, physical domains or the vast set of processes within the enterprise, it does not matter.

What does matter, is that those individuals responsible for the survivability and the defensible standard of care of the organization,  "Never Forget"...

Unthinkable: Adapting in New World Disorder...

Will 2018 bring more data breaches, lost laptops and insider threats than 2017?  This is why CSO's, CPO's and corporate General Counsels have their teams working overtime.

When the enemy is increasing their attacks, utilizing new strategies and leveraging the existing base of compromised organizational intellectual and data assets, the future horizon becomes ever more clear. 

The statistics don't lie.  1579 documented Data Breaches occurred in 2017. Up 44.7% according to reports by the Identity Theft Resource Center (ITRC) compared to the previous year.  It is the new normal.

The Insider Threat Program (InTP) however, remains a key focus for Operational Risk Management (ORM) professionals because human behaviors are exaggerated during periods of stress, fear and uncertainty. This means that people who may have never considered doing something to jeopardize their reputations, may now be up against a wall.

When there is no obvious exit and no way out, people will do extraordinary things to get ahead, beat the odds and hedge their own risk portfolio of life.

In Joshua Cooper Ramo's book "The Age of the Unthinkable", "Why the New World Disorder Constantly Surprises Us and What We Can Do About It" the author discusses the concept of Deep Security. His analogy of how to think about "Deep Security" is the biological immune system:

"A reactive instinct for identifying dangers, adapting to deal with them, and then moving to control and contain the risk they present."

The key word in Ramo's writing is "Adapt".  Being Adaptive.  However, prior to this there are two other very vital words that we feel are even more imperative. Instinct. Identifying. In other words, Proactive Intuition.

Ask any savvy investigator on how she solved the case and you may hear just that, "I had a hunch."

Talk with a Chief Privacy Officer in any Global 500 company.  You might get them to admit they have a sense that their organization will be the target of an "Insider data breach" incident in the coming year or two.

Do you remember signing off on reading and your acceptance of the employee handbook?  When did your organization last make changes to the Corporate Employee policies?  We would start with the updates to the following sections:

• MEDIA CONTACT
• SOCIAL MEDIA POLICY
• REMOTE ACCESS POLICY
• E-MAIL, VOICE MAIL AND COMPUTER NETWORK SYSTEM PRIVACY
• (YOUR ORGANIZATION) RIGHT TO ACCESS INFORMATION
• SYSTEMS USE RESTRICTED TO COMPANY BUSINESS
• FORBIDDEN CONTENT
• PASSWORD SECURITY AND INTEGRITY
• INTERNET ACCEPTABLE USE POLICY
• POLICY ON USE OF SOFTWARE
• COMPANY PROPERTY
• PROTECTION OF TRADE SECRETS/NON-DISCLOSURE OF COMPANY INFORMATION 

Due to the increasing complexity of IT systems, cloud computing, data networks and the hundreds or thousands of laptops and mobile devices circling the globe with company executives and employees is enough to predict that a major breach will occur.

Being adaptive and having proactive intuition in the modern enterprise does not come natural. You have to work at it and it requires a substantial investment in time and resources to make it work effectively.  Proactive Intuition.

Once you realize that all of the controls, technology and physical security are not going to keep you out of harms way, you are well on your way to reaching the clairvoyance of "The Age of the Unthinkable."

Social Strategy 140: Direct Action #Risk...

Twitter real-time direct action (DA) "Information Warfare" between nation states is a daily task. Current and future Operational Risk Management (ORM) priorities will encompass the imperative to staff "Corporate Intelligence Unit" Fusion Centers.

A prudent Operational Risk strategy, shall include a "Big Data" capability combined with deep social intelligence analysis. Here is a historical FLASHBACK in time, to one example of why leadership is devoting new resources and investment to these internal risk management capabilities:

New Diplomatic Avenue Emerges, in 140-Character Bursts
By SOMINI SENGUPTA October 3, 2013

UNITED NATIONS — "Countries all over the world, dictatorships and democracies alike, have in the last few years sought to tame — or plug entirely — that real-time fire hose of public opinion known as Twitter. 

But on the sidelines of the General Assembly meeting over the last couple of weeks, ministers, ambassadors and heads of state of all sorts, including those who have tussled with Twitter the company, seized on Twitter the social network to spin and spread their message. 

At the height of the diplomatic negotiations last week over a United Nations Security Council resolution that would require Syria to turn over its stockpile of chemical weapons, the American ambassador to the United Nations, Samantha Power, used Twitter to preempt criticism of the measure as lacking teeth because it had no automatic enforcement provision."

What does this mean for the global enterprise, who circumnavigates the planet to initiate and manage daily business operations?  It means that "Information Warfare" and intelligence collection and analysis for the enterprise continues, as a top strategic and operational function.  It requires continuous Operational Risk strategy oversight.

How an organization directs personnel and manages daily decisions, is more mobile information-centric than ever before.  Just stand at any major sidewalk intersection in a major city across the world and count the number of people looking at their "Smart Phones" as they cross the street.

The speed of business that is fueled by leaders commenting via social media, can even influence commodity traders in futures markets and operational planners in the "E-ring."

Leadership has the ability to by-pass the traditional media juggernauts to get their message heard in seconds.   The President of a major stock exchange or of a G20,  has a "Duty of Care" to it's constituents to make the correct public decisions.  At the same time, a moral and ethical context begins to evolve, in the vast battle space of 140 digital characters.

The use of a social media post or Tweet from the Board Room to the Court Room; from San Francisco to Tehran, or from Wall Street to Hong Kong, is a risk-oriented asymmetric information tactic delivered in plain sight.

Those social tactics, visual in the landscape of our modern day quest for influence, notoriety or outcry, shall forever shape the breadth of our enterprise digital risk management spectrum...

The 3rd Planet: On The Edge of a Digital Precipice...

After reading the Washington Post on February 3, 2018, there is little debate in our world capitals, that we are on the edge of a digital precipice.

Mobile devices in the hands of humans, has exponentially changed the transnational landscape for our communications forever.  Yet this digital precipice is just inches away from a tremendous chasm in our cultural, social and legal way of life.

Every organization, now has substantial Operational Risks to manage, within the context of their group, company, enterprise, government and even family.  This alone is not a revelation.  However, if you are a Mother, Father, Brother or Sister, you are constantly challenged by the kinds of risks that plague anyone who dares to explore and utilize the benefits of the modern day Internet.

Our children are growing up faster, as they are exposed to the dark side of life, the evil that is present in our world.  They witness violence, revenge and all of the other negative attributes of society faster than ever before.

The outcomes of mother nature and our natural disasters are always front and center.  The digital controls and censors of broadcast television are no longer pervasive across the content and web sites available, to those who know how to navigate our IP-based digital oceans.

Operational Risk Management (ORM) is now each persons responsibility.  It is no longer in the hands of a few people, in a few departments at your organization.  It is not the role of a single person in your household, to make sure the family router is configured correctly.

If you are holding your latest "Digital Device" in your hand, or tapping away on the keyboard of your new lap top it is your decision to "Give" or to "Take."

Over a year ago, Adam Grant wrote his book.  To get some context in 13 minutes, you can watch this YouTube of his Ted Talk.

We have for years been exposed to the concepts of "Pay It Forward" or even other concepts of reciprocity.  The real question is:  Are you a "Giver or a Taker?"  You might be surprised to learn what Adam Grant's research uncovers.

So what?

The ethics and morals that are embedded in you at an early stage of your life, will most likely continue.  The influence your Mother and/or Father or early childhood caregiver provided you may have made a difference.  Maybe it was an old book they read to you, or someone asked you to read.

We all know that the words, content, pictures, videos and ideas on the other side of that tiny digital screen in your hand, is nothing more than a mirror, of our own human behavior.  Good or deleterious.

How will you use this iPhone tool today, to be a "Giver or a Taker?"  There might even be another option.  Turn it off and put it in a drawer.  At least for a few hours...but could you for a whole day?

When was the last time you donated your time, expertise, abilities or resources?  What will you do right now, to make a difference on the third planet from the Sun...