ISACA Journal Author Blog

ISACA > Journal > Practically Speaking Blog > Posts > Preparing for a Black Swan

Preparing for a Black Swan

Mustafa S. Poonawala, CISA, ITIL
| Published: 6/6/2016 8:23 AM | Permalink | Email this Post | Comments (0)
Black swans are rare, unpredicted and unknown events that have a significant impact. It has been decades since the concept of the black swan was introduced, but even today there are many organizations that are unaware of it or do not understand the magnitude of its impact on their business. Some organizations believe that they will not be affected by it.
The chances of a black swan sighting are higher than ever and are increasing due to the rise in many of its causes, e.g., political turmoil, natural disasters, cyberattacks. The current need is for organizations to realize the gravity of the impact of a black swan and get itself ready so that it can minimize the damage. Therefore, organizations should concentrate on a better understanding of the value of their data and resources and, accordingly, back a sound resilience program financially and logistically.
Designing an effective resilience program requires careful monitoring and evaluation of various factors. The strategy used to design it should be evaluated constantly to ensure that it is able to handle the newest threats. The following points should be kept in mind when designing an effective resilience program:
  • A business continuity management program should be tailored as per the value of the data of each department within the organization.
  • An organization should be aware of how well its employees can function under pressure and exhibit their skills in an emergency.
  • It is essential for employees to have expert certifications in various fields rather than just completing foundation courses. This would help the organization have the proper expertise in designing the resilience program.
  • Complimenting updated human resources with the latest technology (e.g., implementing artificial intelligence) strengthens the line of defense.
  • Innovation and critical and aggressive thinking help reduce the impact of an incident.

One thing to keep in mind is that the term black swan is applied to an unknown threat. Therefore, there is no fail-proof strategy against it. A good resilience program may not stop a threat altogether, but it definitely can reduce the impact of the risk.

Read Mustafa S. Poonawala’s recent Journal article:
Black Swans—From Expecting Risk to Expanding Technology,” ISACA Journal, volume 3, 2016.


There are no comments yet for this post.