Threat/Hazard
Predictions on the Impact Climate Will Have on Security
Several years ago, if you told one of my clients they would lose their building to a California wildfire, they might have laughed in your face. As a military contractor, they were very security- and compliance-minded. Also, their site, built 50 years ago, wasn’t close to the areas of California that suffered wildfires, and there had never been a wildfire in the area in all that time. It was a low-probability event to say the very least.
Yet, a couple of years ago, that company lost its site to a wildfire. The climate changed, and that change brought a risk that couldn’t be foreseen decades ago, but was still not planned for until a wildfire actually threatened the site.
‘There’s never been a fire here before’
Despite the fact that wildfires had been on the rise for several years, the facility had no plan for a fire from the outside. There were processes and systems in place for a fire that started inside the building, but nothing to counteract an external fire. After all, there’d never been a wildfire there before.
When an event finally happened, the facility had just six weeks to plan for the wildfire that eventually destroyed their building. In that time, they had to securely move classified materials from the site, make business continuity plans, evacuation plans, and plans to secure the site post-evacuation.
While they did manage to render the building a non-classified facility, they had to do a lot of planning in a short period of time, something that could have been avoided if they’d recognized that fires were a high probability risk sooner.
Foreseeable risk is probable risk
The planet has a history of climate change. You can’t deny we’re seeing an increase in wildfires and hurricanes in areas they haven’t been in before, and that makes them foreseeable — even if they’ve never happened in your region before.
Securing your business in times of change comes down to an organization’s enterprise risk management: what risks might your company be facing? What’s probable now and what’s probable in the next few years? How can you make plans to mitigate events that seem like outliers now but might be common soon?
Take the example of the pandemic. Most of us didn’t expect COVID-19 to upend our lives in 2020, but smaller epidemics have been happening all along. Years ago, we prepared a mitigation protocol for Avian Flu. It was suggested that instead of making a protocol for one specific disease, that we use that protocol to create a framework encompassing all infectious diseases.
This is something that can help us respond to emergencies we can’t yet predict; you might not know the specific risks you’ll be facing in 10 years but you can put a general emergency plan in place for various scenarios: evacuation, business continuity, or getting property out of an endangered site.
Yes, it can happen here
“It can’t happen here” is a dangerous phrase that blinds an organization to changing levels of risk. You may say “I have a low probability of being affected by a wildfire,” but should that preclude you from doing the necessary preparation and prevention work? If you’ve never gamed out the risks of a wildfire on your business, you’ll be hampered when it comes to mitigating those risks.
About the Author
