Security Magazine

How CSOs Can Prepare for Inevitable Natural Disasters

At the core of risk and resilience planning is the ability to gather intelligence and create situational awareness.

January 6, 2014

“Everybody talks about the weather, but...nobody does anything about it.” Well, it appears somebody finally is – CSOs. And not just the weather, but everything Mother Nature can throw at enterprise security supporting business and protecting its people, property and assets. Weather is one point on the risk matrix. Natural disasters are a less frequent but more targeted, severe risk from which enterprises have found resilience more difficult. And contagions continue to appear on the horizon of risks that enterprises need prepare for and have their stakeholders avoid.

As you know, at the core of risk and resilience planning is the ability to gather intelligence and create situational awareness. And at the front of that effort is the move to leverage Security Operations Centers that incorporate public (e.g. OSAC) and private (e.g. Impact Weather: “Time is Money, Downtime is Not”)resources. Combined with travel support and insurance services, enterprises are able to fuse information at their fingertips to prepare for possible disruptions to business travel, supply chain logistics and damage to facilities and assets.        

A recent study found that a large majority of companies, 85 percent had suffered at least one supply chain disruption during 2011, according to a survey carried out by Zurich Financial Services Group and the UK Business Continuity Institute. Adverse weather was the most common cause of supply chain disruption, cited by 51 percent of respondents. Another 21 percent cited earthquake or tsunami as a cause of one of their supply chain disruptions. The cost of those disruptions ranged from under $1 million to over $140 million.

Health issues related to global expansion and travel also exist. In December, Hong Kong confirmed two cases of the H7N9 influenza. The World Health Organization says this influenza has infected 136 people, killing 45, across 12 Chinese provinces. In 2003, SARS (Severe Acute Respiratory Syndrome) was identified as a new disease in Hong Kong. It spread quickly, affecting people and businesses worldwide, forcing travel cancelations and impacting national economies. More than 8,000 people were infected, and 750 were killed by the disease.

Being aware of health risks and having proper vaccinations, getting immediate intelligence on outbreaks and protecting stakeholders from exposure is core to security’s mission and the value of leveraging SOCs for intelligence gathering and fusion. As global business expansion continues the ability to link stakeholder travel plans and itineraries with health advisory services. As we go to press, the Center for Disease Control recommends practicing level 2 or enhanced precautions against polio in Cameroon, Syria, Somalia, Kenya and Ethiopia and against German measles in Japan and Poland.

Natural disasters often come without warning, impacting business, supply chains and employees at the local level, either located near the disaster or affected by travel outages as a result of it. Storms such as Sandy are recognized as a weather threat but overwhelm preparations and resources, becoming a disaster. Enterprises and individuals tend to prepare as the event becomes imminent, stocking up on batteries and water, or even evacuating if the forecast is extreme. Weather or natural disasters, such as tornadoes or earthquakes, require advanced preparation, planning and constant vigilance because the threat is persistent but it is unknown if or when it will occur.

Regardless of the weather disaster type, the cost is significant. According to the National Climate Data Center, the U.S. has sustained 123 weather-related disasters during the 1980-2012 period in which overall cost reached or exceeded $1 billion at the time of the event. 2011 had the most disasters in any year with 12, at an average cost of $52 billion. Drought is included in their report.

At the heart of the SOC model is the ability to locate, communicate with and provide support to those affected by disruptions from minor weather to major disasters. Travel, medical, intelligence and guard service companies are combining forces either through strategic partnerships or acquisition to provide robust services from SOC intelligence to local feet on the ground resources in case of emergency. Communications preparedness is critical as networks are overloaded during emergencies and those affected are unable to use their mobile devices.

Matt Barkett, Senior Managing Director and leader of Dix & Eaton’s crisis communications practice, has this advice for before, during and after a natural disaster:

  • Engage in traditional tactics such as posting flyers in public places, simple hand delivery of information or word of mouth.
  • Utilize online and social media channels. Encourage employees to register on the Red Cross’s Safe and Well site.
  • Identify and utilize backup facilities.
  • Activate your company’s “dark site.”
  • Coordinate with your insurance and travel providers to determine what kind of communications assistance your plans might offer.
  • Prepare for an influx of people wanting to help or offer condolences.
  • Give your “A Team” a rest by leveraging backups.

As risk mitigation becomes the foundation for great security, planning for the most frequent threat your enterprise is likely to encounter – nature – brings great value to both business and workforce protection goals.