meet Riskkollegiet!

The future is uncertain. We all have goals which might not be met. Risk is everywhere. It concerns bankers, beekeepers, and billiards players. Since risk is a part of every field, it can take many forms. Exploring the specifics of risk, and risk as a concept, how risk is perceived and managed, is what Swedish Society for Risk Sciences (Riskkollegiet) is about. The Society hosts seminars, publishes reports and supports young researchers. I'm proud to join the board of Riskkollegiet as a deputy member.


on rational evilness

Researcher Hans Brun helps us grasp terrorism as a phenomenon.

It's not new, the first "wave" occurred well over a century ago. And it's not irrational. On the contrary - terrorism is a conscious choice made by rational actors, says Hans. It's a strategy serving specific purposes. Terrorists aim to create chaos, provoke an overreaction and portray themselves as a credible and legitimate power.

Deconstructing terrorism won't make it any less ominous, but it helps free societies find defensive strategies.


a lesson in troubled times

I spent an afternoon, hosted by the European Commission, with seminars on migration and climate change. Their way of reaching out and inviting dialogue is commendable and necessary when navigating political turmoil.

What struck me was how these seemingly different topics turn out to be interrelated. Climate change is a growing driver of migration. And neither issue could be addressed by fortifying borders. Nationalism won't solve anything, only strengthened cooperation will. A lesson in troubled times.


step by step towards assurance

In order to obtain assurance, your qualified continuity plan should be tested.

Don't wait for it to be "perfect". Test soon, and use the test to find weaknesses.

The effort you put into testing will depend on risk. Begin with a desktop test, discussing the plan step by step with stakeholders.

Iterate the test and watch your plan improve, as well as your ability to execute it.

Nothing beats reality. A realistic simulation is the next best thing. It won't be cheap or simple, but certain scenarios need to be simulated.


crystal ball out of service

Retirement planning and pension savings is one of the most difficult, long-term decisions most of us will ever face. At a recent seminar, Nordea offered a list of issues to think of, focusing on today's rulebook, how responsibilities are shared between state, employers and individuals. But the system keeps changing. We're all literate, we can read up on current rules. As experts, bring your crystal ball, help us understand trends and scenarios. What might the system look like 30 years from now?


it's not the technology, stupid!

I used to think that proactivity in security is all about Risk Management. Then I found myself involved in Crisis Readiness. Still with an eye on risk exposure, preparedness adds a human as well as organizational  capability dimension. How good are we at dealing with difficulties, improvising and being creative from a platform of plans and structures? The crisis perspective makes security more challenging. but it does confirm an old belief - it's not the technology, stupid! Think people and processes.


a second opinion isn't second best

By planning around certain harmful events you take ownership of your continuity risk. But there are things you won't know when writing your plan. You need to involve stakeholders, specialists. Seek their advice and perspectives, learn about their plans. Tell them about what risk you see and how you intend to treat it. Have your plan qualified through their input and compatible with their plans.

Business Continuity is not an arena for lone rangers. Getting a second opinion makes for a first-class plan.


in the midst of the crisis

Part of Business Continuity is dealing with crises. Throughout 2015 I've been involved in the large FSPOS Sektorsövning of the Swedish financial sector. The task was to plan, prepare and lead this simulation exercise for one participating Crisis Management Team. They faced a rapidly evolving scenario. How would they respond to threats, deal with uncertainties, communicate with customers and the market? Creativity in the midst of stress. Improvising from existing plans. Valuable lessons and loads of fun!


the future of continuity

Last week's Q&A with Master's Students in Kista, Stockholm was fun. Still in their first semester, I'm impressed by their wide-ranging questions. In fact, I even appreciate their showing up for an optional event. Arranging anything non-obligatory was kind of a hard sell when I first studied, back in a previous millennium. Many thanks to Mark Strande who kindly agreed to join me for this session to share his insight on Business Continuity. Also, presenting together is so much more fun.


innovation through dialogue

Security needs innovation, new ideas from new people. It's great to see a new Master's Programme underway at Stockholm University. Department of Computer and Systems Sciences (DSV) is set to regain its position as a leader in the field, and the industry stands to benefit.

Aiming for openness and external contacts, the programme has hosted a series of Security Dialogues, informal sessions with folks outside academia. I'm super-pleased to have been invited to meet with students December 2. Dialogue FTW!