Narrowing, narrowing, narrowing down into the details is usually the problem-solving tactic that technical people working on technical problems gravitate toward. They are good at it, and it often works, so why not?
In IT, especially, this skill is honed on a daily basis, in work on both existing tools and systems, and planning and development of new projects – themselves designed to solve a problem, while avoiding risk, and quickly. At the core, the technology is both the problem and the solution.
A piece published in the World Economic Forum blog suggests a strategy toward effective risk management that in a sense takes the broadest view possible in order to reduce the focus on specific technologies.
William H. Saito, president and CEO of InTecur and member of the World Economic Forum’s Global Agenda Council on Catastrophic Risks, writes:
“People usually want to bring together the most brilliant minds in a variety of cutting-edge fields to plan, analyse or defend against some new technology. But, all you really need to do is look at how similar problems are dealt with in nature.”
Nature’s answers could include those on a cellular level:
“Failing IT security is an increasing and potentially catastrophic risk, but the fertilization of a human egg may provide a solution. Only one sperm is allowed to get inside that egg, and once it does, the doors are closed and locked – even though there are thousands of identical candidates banging on the door, each carrying an identical DNA 'key' that should, in theory, grant them access. Talk all you want about biometric authentication – this is one pretty sophisticated security system at work.”
They could also include behavior among organisms that are intended to protect the group, not the individual:
“Why do some fish swim in schools or mammals herd together? Call it instinct or evolution, but the bottom line is that their risk management ‘protocols’ are an integral part of their being. Of course, individuals on the periphery of the swarm or the herd are more exposed and thus less secure, but this natural ‘system’ is designed to protect the group. The loss of a tiny fraction of its members is an acceptable element in the process of mitigating risk for the group.”
So, Enterprise Risk Management, writes Saito, can and must take cues from the natural world’s protections and reactions to risks. Done correctly, study of these systems will bring about a change in attitude in the risk community, from focus on single solutions to ever-changing problems to a “sustainable success.”