Lootok

Menu

What's new?

5 fresh perspectives: seeing the world differently

Why do we even need a fresh perspective on BCM?

As we grow and learn from our experiences, observations, and interactions with other people, we form frameworks that help us understand the world around us and give us cues as to how to respond or behave. These frameworks give us our own personal blueprint as to how and why things work.

For example, most people have automatically come to understand that when your phone rings, you answer it and say, “Hello?” When someone sneezes, it’s likely you’ll hear someone else say, “Bless you.” If you want to make an omelet, you need to break a few eggs. Et cetera.

The problem is, frameworks are built on individual experience. And sometimes we get it wrong. And when we get it wrong, we’re presented with challenges that are extremely difficult for us to understand and negotiate.

This is the first in a series of e-books that examines the typical ways we’ve found people think about risk management. A fresh perspective is important, as many of the frameworks we’ve built around the process—as well as the product—tend towards the negative. Our goal is to identify how and why we’ve developed these frameworks so we can do something about them.

Isometric grey image

Read Post

How soon do you need to communicate after a crisis?

I was working with an executive team on a crisis scenario, when one of the leaders asked a question on crisis communication. He asked, “How soon do we need to communicate? 5 minutes, 10 minutes, 1 hour, 1 day, …?” He was looking for a precise number to evaluate a few past incidents that were on top of mind for everyone in the room. I gave the common answer, but right answer, of “it depends”. He gave a look of dissatisfaction and made a discrediting posture. I went on to share a few basic statistics from Daniel Diermier’s research (author of Reputation Rules) such as “online news stories suggest that the typical window is only eight hours; 20% of all news stories on a given issue are published within an eight-hour period; so forth.” Some time has passed since the exercise. After some thought, I want to provide executives with six (6) crisis characteristics to consider when determining when and how to communicate.

Crisis communication meeting
When should you communicate?

Read Post

Lootok lights up the RIMS’16 Go Beyond conference

Please join us at RIMS’ annual conference in San Diego, April 10-13, 2016.  Lootok’s CEO and President, Sean Murphy, will be speaking at three separate events. The schedule for his sessions is listed below.

You can also get a sneak peak of Sean’s session on “Five Essential Crisis Management Capabilities” live on Twitter through RIMS live tweet chat. Join the conversation by following and using #RIMS16Chat on March 9, 2016 at 2:00pm EST.

RIMS organization logo
RIMS’16 Go Beyond

Read Post

Debunking myth #5: Best-in-class BCM software exists

Will BCM software deliver on its promise of making your BCM program easier to run? Is it really possible for BCM software to eliminate the difficulties in running your program?

Yes, it can—but there’s a catch. It won’t address challenges that are unique to your program. Essentially, your problems need to be shared by every other customer of the software.

Download Best-in-class BCM software exists, the fifth myth in Lootok’s series on the five myths of business continuity management (BCM)!

Best-in-class BCM software exists
Myth #5: Best-in-class BCM software exists

See Myth #1: The plan is the promised land.
See Myth #2: You need a business impact analysis (BIA).
See Myth #3: The risk matrix measures risk.
See Myth #4: It gets cheaper and easier.

Read Post

What are the signs of an organization at risk for crises?

For some organizations, a crisis is the only catalyst for change.

Sharing a few thoughts on recognizing the signs of an organization at risk for crises. I have not performed a thorough analysis; however, I have a few reoccurring observations. I have observed three (3) common corporate attributes that lead to big corporate crises, which can be used to justify investments into our risk management programs—beyond credit, liquidity, and market risk:

  1. Incidents and near misses
  2. Targets and spending
  3. Incentives and self-regulation
person in crisis
Signs of a crisis

Read Post

Why are cyber threats on top of every executive’s mind?

Sharing a few thoughts on cyber security…

I was on the phone last week with a data visualization expert and author discussing visualization problem solving—basically, how to solve problems or at least understand problems with pictures (i.e., drawing pictures). He asked a question about cyber security: “Why is a cyber threat so scary? Isn’t it just another threat?” He was right… in part—cyber is another threat, just like infectious disease, civil unrest, flood, power outage, fire, war, or accident. While we use common frameworks and capabilities for threats such as command and control, situation awareness, threat intelligence, common operating picture, common ground, and so forth, each threat has unique characteristics we need to consider. Why is cyber security on the top of every executive’s mind? It comes down to six (6) characteristics of a cyber threat:

  1. Intentional
  2. Speed
  3. Wild
  4. Interconnectedness
  5. Location
  6. Detectability

There’s a mnemonic for these six (6) characteristics: “is wild.”

Person under cyberthreat
Cyber attack

Read Post

Fresh perspectives: biggest challenge in risk management – metrics

What’s the biggest challenge in risk management? If you ask risk analysis expert Yossi Sheffi, it’s the lack of an industry metric. For example, when you choose a supplier, how can you quantify how risky your choice is? When it comes to metrics, Sheffi says, risk still remains an area where gut feelings and opinions play a major role. And the biggest challenge for risk managers? Defuse the responsibility for managing risk throughout the whole company.

Read Post