ISACA Ireland 2018
is almost here!
Please join me for my session "Risk Management in the Post-Information Age".
Disruptive technologies such as AI, IOT, and Bots are driving frenetic change in nearly all industries. Experts at IBM suggest that, by the end of this decade, disruptive technologies will cause the collective knowledge of humankind to double every 12 hours. This dramatic rate of change presents incredible opportunities (The Good) as well as unprecedented risk (The Bad). Unfortunately, current risk management practices are woefully inadequate for dealing with the unparalleled risk associated with the Post-Information Age (The Ugly).
This session will explore risk management practices from the 1500s to today and make a case for the rapid evolution of current risk management practices. The session will present bimodal risk management as the next generation of risk management practices. Bimodal risk management allows organizations to achieve compliance-driven value preservation while simultaneously using value creation to capitalize on the opportunities presented by disruptive technologies. During the session, we will explore examples of disruptive change in the financial sector, transportation sector, and others. We will offer specific strategies and tactics that enable organizations to prepare for the future and set the stage for transitioning to bimodal risk management.
RIMS 2018 is
almost here!
Please join me and my colleague Jeff Verner at RIMS2018 for our session "Robots and Risk Management".
Today we are on the verge of a technologic explosion driven by disruptive technologies such as technology robots, artificial intelligence (AI), Internet of Things (IoT), deep learning, and Big Data. These disruptive technologies are rapidly and dramatically altering the world we live in; pushing the pace of technological evolution to warp speed. The rate of change driven by disruptive technologies require that we fundamentally change the way we think about risk management. Disruptive technologies present countless opportunities for risk practitioners to create value instead of simply preserving value through organizational and regulatory compliance.
This is an update to my new writing project. Bi-modal Risk Management (BRM) recognizes that we must preserve the value we have already created but at the same time seek to create new value. My new book illustrates how risk practitioners can use new technologies like artificial intelligence (AI), deep learning, or the Internat of Things (IOT) to create value. Check back here and follow me on Twitter (@TaoOfRisk) for updates over the coming months as I finalize the manuscript and publish the book.
Bimodal Risk Management - A Survival Guide for the Future
I have started my next writing project that presents a risk management approach to help people and organizations cope with the massive technologic change we are facing today. Today we are on the verge of a technologic explosion fueled by artificial intelligence (AI), Internet of Things (IoT), deep learning, Big Data, technology robots, and other disruptive technologies. These disruptivie technologies are rapidly and dramatically altering the world we live in; pushing the pace of technological evolution to warp speed.
Checkout my presentation A New Paradigm - Asset Oriented Risk Management for the annual ISACA Ireland Conference. As usual the ISACA Ireland chapter were excellent hosts and had fantastic keynote speakers.
A BIG THANKS to Jack Jones for writing the forward for my new book Cultural Calamity: Culture Driven Risk Management Disasters and How to Avoid Them.
One of the most important factors in successful risk management is organizational culture. Unfortunately, few organizations take the risk management aspects of their culture seriously or even know how to address them when there are concerns. There are a number of factors that drive this, including:
Qualitative measures are highly influenced by someone's position and past experience, so something considered "high" to someone can be perceived as low or totally unimportant to the next person. Conversely, quantitative measures are explicit and not open to interpretation. I see risks logs that list the impact as “major,” “significant,” “substantial,” etc. There is no universally accepted definition of “significant” so one person’s “significant” may seem trivial to others. Without quantitative risk impact there is no way for an organization to understand their total risk exposure and whether they are within the risk tolerance levels established by the organizational risk policy. To effectively mitigate risk, its impact to the project must be quantitatively documented so treatment activities can be measured and tracked. It makes no sense to spend $50,000 treating a risk event that represents $10,000 in budget impact. Quantitative risk impact is a frequent topic of debate with pundits who argue that the uncertainty of risk makes it impossible to quantitatively measure.
A Potemkin Village is a term used to describe situations where a thinly veiled facade is created with no underlying substance. Legend has it that Grigory Potemkin became Governor of Southern Ukraine and Crimea after the Russian takeover in 1774. Potemkin was assigned to rebuild the areas after a series of wars between the Ottoman Empire and Russia. In 1787, the Russian Empress Catherine II and her entourage embarked on a six-month trip through the Ukraine and Crimea. To assure his continued favor with Catherine II, Potemkin is reported to have built a fake portable settlement along the banks of the Dnieper River. Each night after Catherine II and her entourage passed the village, Potemkin would have the village disassembled and reassembled further down river to give the impression of a thriving, prosperous economy however, reality was quite different. Many people question the authenticity of the legend but, true or not, the fact still remains that organizations do construct facades with very little substance behind them.
Page 1 of 3