It is five years since the publication of Nassim Nicholas Taleb’s book The Black Swan. In the book, Taleb introduces the concept of Black Swan events, which he characterizes as events that are 1) rare; 2) extremely impactful and 3) often endowed by people – after the fact – with elements of predictability. Taleb argued that uncertainty cannot be tamed, in his words, and that it is foolish to attempt to tame it.
Historically, there has been a perception that security leaders are less than comfortable with unpredictability. If that’s the case, it’s understandable. After all, for many of these individuals, part of the job is knowing the future – preparing for every contingency and knowing when and how each event is likely to happen. They’re also often penalized by management for not predicting or preparing for everything. But today, Taleb’s Black Swan concept is integrating itself into more organizations’ understanding of security, and it’s proving a sensible and beneficial way to view and manage risk.