Note: The following is an in-progress excerpt from the new book, Not a Moment to Lose: Influencing Global Security One Community at a Time, by Francis D’Addario, which will be available through the Security Executive Council this fall. For more information, visit

Manmade catastrophes and naturally occurring phenomena, from contagion to seismic or severe weather events, have endangered us since the dawn of civilization. Our anxiety for a range of hazards is palpable. The so called “death of distance”, a phrase coined by Frances Cairncross to describe the globe-shrinking effect of instantaneous communications, reminds us of every prevention or mitigation miss.
We began this millennium with high anxiety related to the Y2K time code ambiguity. Many surmised that date-related machine processing would fail on January 1, 2000. Widespread utility grid and critical systems issues were anticipated. First responder teams were on alert throughout the world. Yet relatively little disruption occurred.

2001: The Year of Events

It was not until 2001 that the world was shaken by multiple influencing events. On January 26, 2001, the Gujarat region of India and a portion of eastern Pakistan were devastated by an estimated 7.6+ magnitude earthquake. Estimated deaths exceeded 20,000. Injuries topped 167,000 with more than a million homes destroyed.
Pandemic Threat Posed by Avian Influenza Viruses was also published. The research finding by Taisuke Horimoto and Yoshihiro Kawaoka warned of similarities between H5N1 and the Spanish influenza H1N1 that claimed 20,000,000 victims worldwide in 1918 and 1919.
Later that year, on September 11, all eyes turned to the United States, when primetime news footage showed the consequences of Osama Bin Laden’s long-standing threat:  2,974 victims and 19 terrorists died with the suicide destruction of the twin-tower World Trade Centers of New York and heavy damage to the Pentagon.
Identity theft and fraud kept pace with network expansion, enabling subjects of interest (including the 9/11 hijackers) to travel with impunity under alias credentials. Identity theft topped the U.S. Federal Trade Commission’s consumer complaints in 2001. Enron, the $64 billion energy trading giant, declared bankruptcy. Failed fraud detection oversight cost the brand and all its stakeholders.
In October the Amerithrax anthrax attacks reminded us that domestic terrorism can be just as effectively disruptive as any imported variety. 2001 was also the last time the Food and Drug Administration visited a Blakely, Ga. food manufacturing facility that later distributed salmonella-laced product to unsuspecting consumers with fatal results.
Harry Markopoulos, a Certified Fraud Examiner, made his way for the second time to the U.S. Securities and Exchange Commission with incontrovertible proof of the largest Ponzi scheme in history. They did not heed his warning.

Learning Our Way

The heroic recovery efforts of 2001 were well documented. The events of that year influenced crisis response and business continuity. Multiple sectors reshaped precautionary government and non-governmental organization advisories to reach diverse global audiences:
1.      Evacuation and shelter-in-place guidelines
2.      Procedures for mail handling and identifying or reporting suspicious packages
3.      Security guidelines including facility access control and suspicion reporting
4.      Travel guidelines, restrictions and tips
5.      All-channel risk reporting and status update communications protocol
The realization that “all-hazards” protection was required became obvious as risk-related compliance legislation was passed in every country around the world. Resultant “board level risk” brought the protection portfolio into the light. Governments began to understand that arguably 90 percent of critical infrastructure is in the private-sector domain. They also learned that response to global catastrophe required all hands, including NGOs.

The Opportunity

The dots are there for protection professionals and others to connect. Current and evolving risk resilience requires courageous cross-functional leadership and systematic methodologies that will transcend any one group. Brand reputation in any sector will continue to be earned by those who can take a hit and bounce back. There is much work to do before, during and after the next disasters of consequence… and there are fewer resources.
High-morbidity pandemic is still on the horizon. Networks remain both the target and the means for multinational organized crime including theft, fraud and terror. Criminals, inside and out, continue to exploit the soft targets around the world. Critical infrastructure, including intelligence and first responder agencies, are still uncomfortably vulnerable. More than ever, supply chain and critical process management are required for both proprietary and critical dependency environments. Threat appreciation, exception detection and response preparedness must be improved.
The failures of persuasive risk detection, compliance and effective mitigation have left us with unnecessary injury, death, damage, loss and deficits worldwide. Confidence has been measured at the all-time low since the Great Depression. Counter-intuitively, the resultant downsizing, rightsizing and re-engineering may be a gift – if and when we re-deploy more intelligent, nimble, cross-functional, and return-on-investment capable protection elements. Good and best practices will continue to evolve from risk intelligence linked with integrated mitigation innovation and performance.

The Data is In

Brand reputation is performance dependent. Stakeholders can no longer afford only heroic efforts after the fact. They expect us to prevent and mitigate, and to navigate compliance and emerging risk. We need to identify high-risk conditions and apply ourselves effectively before the event. Cross-functional talent, tools and training are required to prepare for and weather the storm.

In their 2006 study, “Protecting Value in the Face of Mass Fatality Events,” Doctors Rory Knight and Deborah Pretty analyzed shareholder value impacts for a wide range of firms following mass-casualty events including aviation disasters, fires and explosions, terrorist attacks and natural catastrophes. The nearby chart implies that the ability to manage a mass-fatality event (i.e. winners) is even more impressive to investors, and the inability to manage such an event is even more disappointing (i.e. losers), than in less tragic corporate crises.

Our call to action demands holistic risk management. Our ability to identify effective prevention and mitigation before the fact will serve us well in all instances. Protecting people, assets and critical process effectively protects brand and ensures community resilience.