The Transformational Power of Threat Assessments

Ignoring Risk won’t make it go away

Cyber crime is one of the most insidious threats facing businesses. As reported here, more than 50% of businesses have suffered cyber attacks–70% of them being small to medium-sized businesses with as many as 60% going out of business following such an attack.  Yet, one study found that 70% of organizations were unprepared to address cyber crime. 

Nevertheless, cyber crime is not the only threat facing businesses. For instance, as civil unrest has unfolded, small to medium-sized businesses across the country have faced the possibility of substantial property damage due to vandalism and arson. 

Given the reality of threats to our nation’s enterprises, how can business leaders plan for the unforeseen?

Luckily, there are a series of steps business leaders can take to secure the future of their organization. In what follows, we’ll guide you through the first step in this process, namely, conducting a threat assessment. 

What is the purpose of threat assessments?

According to Kim Meador, Executive Vice President and COO at Chesley Brown International,  a threat assessment is a formal evaluation conducted “to determine what risks and threats (internal or external) are likely and foreseeable and what the responsible actions are that a business can and should take to mitigate those risks.” 

Thus, a threat assessment, when done correctly, determines the most probable threats to a business. But how do executives identify the most pressing threats to their organization?

Let’s find out.

Consider the structure of your business

Is your business primarily web-based or situated in brick and mortar properties? 

Consider your business structure when evaluating risks–certain classes of threats are more likely to impact operations. When developing a threat assessment optimize time, energy, and money allocation by identifying the most serious threats.

This is an important consideration your business must address. As alluded to previously, cyber crimes are a monumental problem for businesses of all stripes. Yet, as a web-based startup, the entirety of your business infrastructure resides in the digital domain, and can be severely compromised following a cyber attack. Threats in the cyber domain include software update attacks, phishing attacks and ransomware attacks. Additionally, sensitive customer information is vulnerable to theft.

Many brick and mortar companies rely on web-based platforms for their day-to-day operations. But they must also consider the possibility of physical threats. Such threats include property destruction, physical harm to customers and employees, and theft.

It makes sense then that a web-based B2B marketing startup allocates a substantial portion of their time and resources to preventing a cyber attack. They may hire a dedicated professional, for example. This person monitors threats in real-time and optimizes the company’s digital footprint to protect against cyber crime.

An appliance store with multiple locations faces other threats. These threats include property damage and theft. Thus, the owner will need to balance a focus on protecting his employees, customers and property with protecting his or her digital assets—employing both security professionals on the ground and a team to manage web-based systems.

Once you’ve identified the class of threats most likely to impact your business, it’s time to get specific.

Specify: Develop a list of possible threat scenarios

You’ve identified the class of threats most likely to disrupt your organization, now what? It’s time to develop a list of specific situations that could disrupt operations. 

  1. Consider the statistics – What is the likelihood of a given threat based on the data? Look at the crime statistics for the area where your organization is situated. Based on these data, does it make sense to anticipate physical threats? If so, what are the most common threats?  
  1. Learn from business peers – Human beings are social creatures and when it comes to planning for threats, we should leverage our sociability. Reach out to peer executives to learn from their experiences. What threats have other companies addressed? What did they do right? What would they have done differently? 
  1. Identify the largest threats – Not all threats are created equal, and it’s important to weigh risks and allocate resources to the threats with the most potential to disrupt operations. First, whittle down your list of threats to those that will have a tangible impact on your organization. Rank those items and determine where you should allocate the most time and resources. 

Once you’ve identified a list of possible threats, it’s time to consider the most viable strategies to put in place.

Be creative and practical about threat management

What are some proactive and inexpensive ways you can prevent damage to your business based on your list of possible threats? Identify the aspects of your business that are most vital to its success and consider how you can bolster them against threats. 

For instance, imagine that you own a digital marketing firm with a reputation built on customer trust. Consulting with a business associate, you learn that a public relations blunder cost her thousands of dollars. After doing some research, you discover that PR crises are common for online companies. Based on this information you develop a new strategy focusing on employee communication. The strategy describes best practices for employee communication–focusing on public and private exchanges.. 

Conclusion

Anticipating threats to your company is a vital first step in ensuring a prosperous future for your company. Part of a broader strategy for protecting your company, threat assessments help your company plan for the unforeseen. 

After all, “if 2020 has taught us anything, it is that times can and do change. As a business owner, we have to prepare for everything that can disrupt our business. We have to have a plan. We have to review that plan. Test that plan. Adjust that plan. And then repeat” – Chesley Brown Vice President and COO, Kim Meador.

We understand that planning for the unforeseen can be an overwhelming process. That’s why we’ve built a framework that enables businesses to anticipate and navigate risk before it becomes a crisis. We are here to manage risk so you don’t have to. 

Let’s talk. 

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

Podcast | Risk Takers Series #05 Corporate Counterespionage

By Chesley Brown | August 4, 2020

Its not always the stuff of cold war spy novels but corporate or economic espionage continues to affect businesses all over the world both large and small at an exponential rate. It seems like there’s…

Read More

risk-takers #04 Brad Orsini – Community-based Security

By Chesley Brown | July 28, 2020

Visiting our places of worship shouldn’t be dangerous. Unfortunately, faith-based organizations are facing the difficult challenge of how to protect their congregations from religion-motivated violence, and still maintain the welcoming, open environment community members expect.

In this week’s episode Brent calls up Bradley Orsini, the Senior National Security Advisor of the Secure Community Network, the official safety and security organization of the Jewish community in North America to discuss these issues, lessons learned from the mass shooting at the Tree of Life Synagogue, and the most effective strategies faith-based organizations can use to protect their congregations.

Read More

Podcast | Risk Takers Series #04 Brad Orsini – Community-based Security

By Chesley Brown | July 28, 2020

Visiting our places of worship shouldn’t be dangerous. Unfortunately, faith-based organizations are facing the difficult challenge of how to protect their congregations from religion-motivated violence, and still maintain the welcoming, open environment community members expect.…

Read More

risk-takers #3 Surveillance Detection Routes (SDR)

By Chesley Brown | July 21, 2020

Have you ever had a gut feeling you were being followed? You might not be so crazy after all. It’s a frightening thought. You’ve spent years building your business, but all it takes is one bad day to compromise that dream. In this week’s episode Brent sits down with FBI Special Agent (Ret.) Dell Spry to discuss surveillance detection routes, what they are, and how they can be used as a spy detector device to find out if you are under surveillance.

Read More

Podcast | Risk Takers Series #3 Surveillance Detection Routes (SDR)

By Chesley Brown | July 21, 2020

Have you ever had a gut feeling you were being followed? You might not be so crazy after all. It’s a frightening thought. You’ve spent years building your business, but all it takes is one…

Read More
The 7 Step Guide for Building Business Continuity Plans that Work