Executive Briefings

If You Eliminate Risk by Spending Money, Should You Keep Investing in Risk Avoidance?

As the saying goes: "One does not get promoted based on cost avoidance." One of the reasons is that costs avoided do not show up on financial statements. On the other hand, costs incurred - including security outlays - are visible, and often become prime targets for the CFO's cost-cutting knife.

If You Eliminate Risk by Spending Money, Should You Keep Investing in Risk Avoidance?

In my 2005 book, The Resilient Enterprise: Overcoming Vulnerability for Competitive Advantage (MIT Press, 2005), I wrote that continuous security, resilience and risk mitigation efforts can be hampered by their own success. I gave the example of Sun Microsystems, which suffered a spate of freight thefts in Europe. To fight the phenomenon, Sun hired escorts for trailers carrying high-value Sun gear and monitored logistics personnel to reduce inside-job leaks of information about these shipments. As a result of the measures Sun cut its losses to zero.

Later, when managers asked why the company was spending so much money for escorts in the absence of hijackings, security managers faced the classic Catch-22 dilemma mentioned earlier.

Insurance companies face this issue when selling disruption insurance, or when trying to convince manufacturers to reduce both the likelihood and impact of business interruptions through measures such as increasing inventory levels and developing alternative suppliers.

How can security professionals present a convincing case for investments in supply chain resilience in the face of such skepticism? There are three possible approaches.

Read Full Article


Keywords: supply chain risk management, business interruption, business continuity strategies, supply chain management

In my 2005 book, The Resilient Enterprise: Overcoming Vulnerability for Competitive Advantage (MIT Press, 2005), I wrote that continuous security, resilience and risk mitigation efforts can be hampered by their own success. I gave the example of Sun Microsystems, which suffered a spate of freight thefts in Europe. To fight the phenomenon, Sun hired escorts for trailers carrying high-value Sun gear and monitored logistics personnel to reduce inside-job leaks of information about these shipments. As a result of the measures Sun cut its losses to zero.

Later, when managers asked why the company was spending so much money for escorts in the absence of hijackings, security managers faced the classic Catch-22 dilemma mentioned earlier.

Insurance companies face this issue when selling disruption insurance, or when trying to convince manufacturers to reduce both the likelihood and impact of business interruptions through measures such as increasing inventory levels and developing alternative suppliers.

How can security professionals present a convincing case for investments in supply chain resilience in the face of such skepticism? There are three possible approaches.

Read Full Article


Keywords: supply chain risk management, business interruption, business continuity strategies, supply chain management

If You Eliminate Risk by Spending Money, Should You Keep Investing in Risk Avoidance?