As business continuity planners, the potential impacts of terrorism is a concern we’ve all probably had to consider. So we’re asking, from where do you get your information to properly consider the issue of terrorism?
Many of us are based in locations where terrorism is part of our recent history. And with cyber terrorism on the rise, this type of crime – in all it’s forms – something we’ve all probably had to form an opinion about, especially when it comes to risk profiling for our BIAs.
The relatively recent acts of terrorism perpetrated in the Middle East, US, UK, and Spain mean that many of us associate the term ‘terrorism’ with acts that cause death, but they’re by no means the only events. The US National Consortium for the Study of Terrorism and Responses to Terrorism – known as START – has over 100,000 on record. In fact, they’ve recorded around 190 acts a week from 1970 – 2008. They range from bombs right through to cyber security attacks and many hundreds of incidents that you’re not likely to have heard of, especially if you live in the Western world.
Most of us naturally rate those that cause death as the worst atrocities. And, though Nobel Prize winner Doris Lessing apparently once argued that the 3,000 deaths that occurred during 9/11 weren’t “that terrible” when they were compared with, say, the 3,700 deaths caused by the Irish Republic Armies (IRA), we note that Ms Lessing apparently fails to consider the IRA activity took place over 30 years while 9/11 happened in a single day, suggesting that terrorist capabilities and desires have changed radically.
However, this information should be put into context. There’s only a 9.3 million to 1 chance of being killed in a terrorist attack. That compares with an 43,000 to 1 chance of a fatal accident at work and a 8,000 to 1 chance of dying in a car accident. If you think dwelling on these statistics is a tad morbid, then consider this: some US citizens were understandably scared to fly in the year following 9/11, so they drove instead. An examination of the road death toll reveals there was a sudden increase in US road deaths that lasted for about 12 months before returning to normal levels. It’s estimated that 1,595 extra US citizens died in that year because they briefly switched from air travel to roads, believing it was safer… We all understand human nature, but as business continuity planners we need to assess risk on a wider scale, and much more accurately, whenever we can. And risk can only be assessed if we have good information.
So where do you get your information from regarding the risk of terrorism for your organisation? If your organisation isn’t an obvious target for a terrorist organisation, are any of the organisations on which you depend? Is cyber terrorism an area of concern for you?
If you’re looking for high-level information, you could take a look at START’s Global Terrorism Database. It’s search facility allows you to really narrow your searches to find data that’s useful to you. Search criteria can include date, region, country, perpetrators, weapon types, target types and casualties. START also issue a research report each year (click here for 2011′s report). But what if you need more local information and advice?
In many countries, each local police force can offer specialist advice to individuals and companies concerned about terrorism. The UK’s National Counter Terrorism Security office provides a wealth of information that’s worth checking out even if you’re based elsewhere: crowded places (e.g. bars, pubs and clubs, shopping centres, stadia and arenas, visitor attractions, major events, health, education and places of worship); hazardous materials (e.g. radioactive materials, pathogens and toxins and pre-cursors; transport systems (including land, aviation and maritime). The US’s Department of Homeland Security also offers lots of advice including: fraud and counterfeiting, infrastructure and secure identification.
So – over and above the specialist local advice including that from law enforcement agencies, local authorities, and your own experts, here is our list of go-to resources for advice on terrorism:
- UK National Counter Terrorism Security Office
- US Department of Homeland Security
- Australian National Counter Terrorism Committee
- UK Centre for the Protection Critical National Infrastructure
But our favorite resources? Well, as business continuity planners, most of us accept that we don’t know what will happen in the future and that, however good our information, we need to consider the extend to which our own organisation needs to plan for such an event.
For physical terrorism we like that’s dedicated to those who lost their lives on September 11, 2001. It’s called Terrorism Response: A Checklist and Guide for Fire Chiefs. Don’t be misled – it’s a great resource that will be useful to many organisations that have nothing whatsoever to do with fire fighting. Just check out those checklists for a wealth of ideas on what to consider – even if it’s only to decide what isn’t worth the effort for your organisation!
For cyber concerns, there are a few resources that have been brought to our attention:
The US Federal Communication Commission (FCC) have a useful “Cyber Planer” tool: it allows you to select the contents of your guide, based on your organisation’s needs, before downloading it. The European Network and Security Agency has a range of material on information technology security including posters, video clips and screen savers, that are all available free of charge. Here’s an example:
And, if you’re looking for some predictions on security issues in 2012, Security Labs have issued an interesting 4 minute video explaining that they think “the twists and turns ahead” will be. Will your social media profile be more important to hackers than your bank details in the future, for example? Will they target search results for major events (such as the Olympics and elections). You can download a two-page summary and decide for yourself what you think about their suggestions.
Once again, with our global boundaries becoming ever smaller, its worth a look at all these resources even if you’re based in a different country to the one that provided it.
Oh, and for more a great resource on how we ordinary mortals understand risk, we recommend the thoroughly readable Risk by Dan Gardner (Virgin Books). Gardner explains how human nature prejudices how we view risk and what we can do to rectify this, which is particularly important for risk managers and business continuity planners. Thankfully, it’s airport style book that’s a pleasure to read, as well as being very useful.
Subscribe - weekly news and a free course!