We are all familiar with the ‘boiling frog’ story – if a frog is placed in boiling water (WHY!!!), it will jump out on feeling the impact of the heat. On the other hand, if the same frog was placed in cold water in a kettle and heated gradually, it will not be able to perceive the danger and will be cooked.
Whilst an activity I have no desire to conduct personally, it does provide a useful metaphor to illustrate how some organisations can be vulnerable to significant changes that happen gradually. My recent engagement with clients have highlighted this issue as many of them are seeking to confirm the risk environment that they are operating in. These companies are mindful that whilst their core business activities may not have changed, the surrounding environment may have done so without them being aware of this. For others this may not be the case.
When the heat rises in your business – don’t be the ‘boiling frog’
A timely example relates to the new mandatory requirement by the Australian Government for eligible Australian businesses to report any data beaches within their organisations. Failure to do so now entails significant financial costs for both individuals and the organisation. In addition to the government advice, Insight Global Risk provides additional guidance for the reader.
The rise of what I call ‘non-traditional’ regulatory requirements is an area that businesses need to focus on to avoid significant impacts on its capacity to continue operating.
If these areas are left unattended to any degree, their capacity to impact on the organisation both financially and reputation wise is significant.
What is involved with a Risk Health Check
Working with the clients referred to above, Insight Global Risk commences with what is essentially a Security Risk Health Check. Through a three step process, the business is able to:
- Establish a current security risk context;
- Develop a framework based on current best practices; and
- Conduct a detailed gap and vulnerability analysis.
A set of recommendations and actions (based on up to date and well understood picture of the risk environment) can then be applied and acted upon.
The benefits you receive from a Risk Health Check
Through this Risk Health Check process, a business in today’s environment will be better placed to:
- Maintain awareness of its risk exposure;
- Assess the suitability of its plans and processes against this exposure;
- Adapt and/or develop risk mitigation strategies; and
- Ensure the continuity of the business.
All’s well that ends well – if you’re prepared
Thankfully for Kermit and his fellow amphibian friends, the boiling frog theory has been debunked. Victor Hutchison, emeritus research professor from the Department of Zoology at the University of Oklahoma states:
“The legend is entirely incorrect! As the temperature of the water is gradually increased, the frog will eventually become more and more active in attempts to escape the heated water. If the container size and opening allow the frog to jump out, it will do so.”
(ABC Science 7th December 2010)
Like the frog in real life, if a business becomes aware of the change, it will hopefully become more active in its endeavours to escape and avoid a nasty ending.