When a corporation fails to upgrade technology and industry best practices they open the door to a litany of exposures that may lead to catastrophic failures and may awake to find themselves a decade behind competitors. Protecting critical assets and preventing disruptions from all threats is a fulltime endeavor, and a challenge to corporations accountable for protecting critical and key infrastructure. Failure of critical infrastructure assets and systems will directly affect everyday lives, and have a long-term and profound effect on economies.
Governments have limited resources to protect critical infrastructure and the majority of critical infrastructure in North America is protected by commercial industry with very little being the responsibility of the government – government most often will respond only in a time of grave crisis. For corporations to endure against threats to critical infrastructure, they must prepare!
How does a corporation ensure they are fully prepared for threats that are inevitable?
Routine exercise and maintenance of emergency response plans and business continuity plans must be a priority for corporations. Coupled with “outside the paradigm” rational, which requires proactive planning and specialized individuals to lead think tanks; these strategies are part of the multiple activities that a corporation must embrace to stay ahead of risks. To survive and prepare for all inevitable scenarios, corporations require a “Wolf Like” focus to war-game and develop an asset analysis of all possible threats, and develop mitigations to neutralize those threats. Although, corporations can never be fully prepared for all threat scenarios and emergencies, critical thinking and planning must focus and prioritize likely threats and risks. Moreover, corporations must rate and rank critical infrastructure, and assess the current protections and weaknesses for each asset – remember, human resources are at the top of the list!
For organizations to posture their preparedness, managers and leaders must change their way of thinking from “if” an event will occur to “when”, and this mindset must resonate to every work hub and employee. Quarterly, semi-annual and annual risk assessments should and must be performed and management must lead these efforts.
Does your corporation need a risk assessment?