World Monitor Mag, Industrial Overview WM_November_2018_WEB_Version | Page 84
additional content
including the City Hall of Port-au-
Prince, the Presidential Palace, the
National Assembly building, and the
headquarters of the United Nations
Mission in Haiti. It also destroyed or
severely damaged virtually all vital
infrastructure — including telephone
and other communication systems,
hospitals and other medical facilities,
and airports and seaports — essential
to response and recovery. And because
the quake struck during the afternoon,
when business, government, and NGO
offices were open, many experienced
professional crisis managers were
killed. These factors, which were not
anticipated, gravely compounded the
effects of the earthquake.
2. Vulnerable
technology. Society’s
dependence on the Internet (and,
increasingly, on connected devices
in the Internet of Things) makes it
exceedingly vulnerable to asymmetric
threats. Paradoxically, the Internet
itself evolved out of an attempt to
forestall an asymmetric threat. The
original Internet, called the “ARPANET,”
after the U.S. Defense Department’s
Advanced Research Projects Agency
(ARPA), was an effort to make critical
control of communications technology
invulnerable to nuclear attack, through
the concept of distributed computation,
or “packet switching.” In fits and starts,
the ARPANET extended its reach,
until ultimately it became open to all,
including those who see advantage in
selectively undermining it.
As companies surrender more and
more of their operations (and even
agency) to automated systems, they
tend to expect that the technology
will always work as designed. This
expectation becomes an Achilles’ heel
— a vulnerability that will continue to
be exploited by individual hackers and,
82
world monitor
Society’s
dependence on
the Internet
(and,
increasingly,
on connected
devices in the
Internet of
Things) makes
it exceedingly
vulnerable to
asymmetric
threats
increasingly, by sophisticated nation-
states. And the odds are in their favor:
With most digital technology, sabotage
costs far less, and has a far greater
ROI, than prevention. Even low-tech,
low-resource mechanisms such as
off-the-shelf ransomware acquired on
the Dark Web can disrupt the basic
technology that undergirds virtually
every institution’s operations.
The corrosive effect of repeated
cyber theft and identity theft leaches
down to the consumer level as well; it
becomes a constant, unwelcome fact
of life. A 2017 PwC consumer survey
on cybersecurity reveals that only 10
percent of consumers feel they have
complete control over their personal
information, and that consumer trust
in both businesses and the government
with respect to protection of their
personal data is fading. Businesses,
meanwhile, are struggling to find the
right balance between missing (or
not disclosing) breaches and sending
too many false positive warnings
to consumers. The sheer scale and
frequency of these kinds of threats are
so potentially terrifying that individuals
(and organizations) can become numb
to them — a passive attitude that
further wears down their resistance
when a breach happens.
Other technologies are also vulnerable.
Breakdowns in autonomous vehicles, in
dams and water management systems,
and in health-related technologies are
far more manageable when they are
expected to fail. When technological
failure is seen as unacceptable or
impossible, this threat becomes more
serious.
3. Underestimated
disasters.
Sometimes the worst-case scenario
actually happens. And, typically, human
beings are biased against foreseeing
and preventing it, because of economic
concerns, liability issues, a lack of
long-term memory, or simply denial or
rationalization.
The most common case in this
category is a potential threat that
leaders are aware of — for example,
a natural disaster such as a hurricane,
flood, drought, earthquake, tsunami,
or wildfire — whose damage is easy
to underestimate. At the same time,
leaders may overestimate their
capacity to handle it. This perception,
rather than the threat itself, poses the
greatest risk. This category, however,
does offer a great opportunity for
learning, preparedness, and future
mitigation, on the part of both the
public and private sectors.
When compounded by the first two
asymmetric threats — unprotected
infrastructure and vulnerable technology
— underestimated disasters can expand
to inconceivable magnitude.
By strategy &