30 December 2012

2013: The Speed of Operational Risk...

As we look into the rear view mirror of 2012 and scan the horizon of 2013, Operational Risks are ever more so present.  Whether you are a leader of a global organization or the sole bread winner of your single parent household, the management of risk is a daily priority.  Even getting enough sleep is a risk to health and well being.

So what are you going to do about 2013 and managing risk in your life?  Your company.  Your nation.  Operational Risk Management is a discipline that can be mastered and those who will excel in the next few years understand what is at stake.  Unfortunately, many people and organizations will not have the wisdom, experience or resources to survive the onslaught of new threats and to mitigate existing vulnerabilities.
"Achieving a substantial level of competence and resilience in Operational Risk Management takes decades of experience in seeing the mistakes.  Witnessing the tragedy.  Feeling the successful outcomes of a solid process for sense making.  Using information in ways that we never dreamed about.  Turning speed into your greatest ally."
Your ability to thrive in 2013 and beyond will rest with your leadership and the ability to adapt.  Yet even beyond this fundamental reality is the continuous discipline to effectively accept more risks.  The organizations and those individuals who rise to the 2% or even 1%, took more risks than you did.  The question is, why?

Accepting a risk means that you have to think through the real potential outcomes.  Both positive and negative.  And you have to make the decision to accept each risk action at light speed.  Otherwise, it is too late. This is not a game of spending too much time trying to figure out odds and percentages as much it is a professional decision to act, while not knowing the exact future outcome.  What you do know, is the clear result of a positive outcome and even more importantly, you know the result of a negative outcome.

Can you live with either outcome?  If the answer is yes, then you should consider yourself a true Operational Risk Professional.  Now make the decisions faster, before someone else makes it before you do...

We wish you an abundance of new and rapid Operational Risk decisions in 2013!

01 December 2012

Powerbase: Information Operations in the Workplace...

How robust is your organizations "Information Operations" capabilities? The degree to which the threat to your institution escalates in a war of words is going to be in direct proportion to your ability to monitor and counter the "Powerbase" within your information-centric community.

Operational Risk within the institution, the city or the country is a factor of the likelihood of a particular threat and the ability to deter, detect, defend and document the threat. However, the overt abilities to sensor, block or suppress your particular community from communicating freely, will be difficult if not impossible.  Or will it?
By Craig Timberg and Babak Dehghanpisheh, Published: November 29 
Syria’s civil war went off­line Thursday as millions of people tracking the conflict over YouTube, Facebook and other high-tech services found themselves struggling against an unnerving national shutdown of the Internet. 
The communications shutdown immediately evoked memories of similar action by Libya’s Moammar Gaddafi and Egypt’s Hosni Mubarak, and it sparked fears that President Bashar al-Assad could be preparing to take even harsher action against Syrian opposition forces, which have recently made significant advances in the battle against the government.
A Syrian official blamed the outages on technical problems. Analysts said it was far more likely that Assad had ordered the Internet and some cellphone connections switched off, although it was possible that a rebel attack had severed crucial cables. 
Whatever the cause of the blackout, it was clear that the remarkable window into the war offered by technology had dramatically narrowed for Syrians on both sides of the conflict and the many outsiders following the story. Observers said it signaled the beginning of a dangerous new phase after 20 months of escalating conflict.
Nations states have for years been subjected to the technology innovation of proxy servers and other methods for obtaining blocked Internet content. The human element of the insatiable pursuit of information will continuously provide for the innovation to obtain that information that has been withheld from the community. Whether that community is a corporation or a country, the employees or the citizens will find a way to gain the access and obtain the information they seek.
“...our intelligence apparatus still finds itself unable to answer fundamental questions about the environment in which we operate and the people we are trying to protect and persuade.” Lt. Gen. Michael T. Flynn, U.S. Army
The ability to utilize ubiquitous devices such as camera enabled wireless smart phones has changed the landscape for "Information Operations" within your company and your local community. Operational Risk professionals are keenly aware of the requirements to monitor and detect the use of roque communications devices in the workplace including unauthorized broadband hot spots (simple and effective). Yet the state of business and politics precludes these individuals from truly understanding what their real role should be in this fight for zero's and one's. The fight is not about learning who has unauthorized access, it is about understanding human behavior and the powerbases within a particular community.

Even the use of more sophisticated wireless mesh networks has been pervasive for years within the context of the USIC and where U.S. defense forces need to operate in areas with little or no telecommunications infrastructure. The questions begs then to what degree are these same kinds of capabilities being utilized within the context of industrial espionage and foreign intelligence services within the skyscrapers of downtown Washington, DC, Chicago, New York or Los Angeles?
Having a better understanding of the powerbase of each actor, the number and types of dimensions of that power, which elements of the powerbase are inherent or inferred, and whether it is growing or shrinking through cooperation or conflict, are all essential elements of information in stability operations and prerequisites for effective influence operations. Understanding Local Actor Bases of Power - Col. Patrick D. Allen, USA (Ret.)
So how easy or difficult would it be to set up a relatively effective mesh network? Look to one of the leaders in the technology itself for guidance:
Firetide Corporate Profile
Reliable Connectivity Anywhere: Designed for seamless indoor and outdoor operation, Firetide mesh networks securely handle concurrent video, voice, and data applications, making it ideal for large scale municipal and enterprise networks. The mesh's self-forming and self-healing properties enable rapid deployment and highly reliable operation. Firetide's AutoMesh routing protocol manages network load and traffic flow to optimize mesh-wide performance and capacity.
If the City of Chicago or the country of Singapore can utilize these capabilities to create their own information networks for voice, video and data applications then so too could any private enterprise with the right funding and the people to operate these systems.

Your organizations "Information Operations" capabilities go far beyond the IT department and their ability to sweep for rogue "Wi-Fi Hotspots" in the workplace. It could mean the difference between the safety and security of your municipality or the entire academic campus. In either case, the powerbase of information will still have to be analyzed and understood. Without this powerbase insight your organizational "Operational Risks" will remain unknown and your ability to mitigate these risks unknowable.