Security Risk Environment Scan
Risk assessment at its core should include the evaluation, measurement and prioritization of likely relevant events or risks that may materially hinder or prevent your organization from achieving its goals or purpose. It is imperative that an organization identify what risks might impact them or their industry to develop ensuing mitigation strategies. Risk assessment is not a new concept, yet many organizations struggle to accurately identify which risks should be their primary focus.
How many organizations (or nations for that matter) had identified a pandemic as a priority risk for 2020? One organization which demonstrated such foresight is the Wimbledon Tennis Tournament. Wimbledon identified pandemics as a potential threat to the tournament and went as far as buying insurance to mitigate their risk exposure. The outcome? The 2020 tournament was cancelled yet Wimbledon will receive a £114 million payment. This stands in stark contrast to the dire financial hardships faced by numerous other sporting organizations worldwide. This preparation was in fact a response to the 2003 SARS outbreak. In terms of ‘human’ impact (as opposed to financial impact), Taiwan who was significantly impacted by SARS also invested heavily in pandemic preparation and is now considered to have executed one of the most effective responses to the Covid19 pandemic with only 9 deaths (Feb 2021)!
The security risk environment scan provides a proactive portrait of the most likely security risks an organization is most likely to face over the next 5 years. The goal is to identify the events before they impact an organization to create a mitigation plan and processes.