The Transformational Power of Threat Assessments

Ignoring Risk won’t make it go away

Cyber crime is one of the most insidious threats facing businesses. As reported here, more than 50% of businesses have suffered cyber attacks–70% of them being small to medium-sized businesses with as many as 60% going out of business following such an attack.  Yet, one study found that 70% of organizations were unprepared to address cyber crime. 

Nevertheless, cyber crime is not the only threat facing businesses. For instance, as civil unrest has unfolded, small to medium-sized businesses across the country have faced the possibility of substantial property damage due to vandalism and arson. 

Given the reality of threats to our nation’s enterprises, how can business leaders plan for the unforeseen?

Luckily, there are a series of steps business leaders can take to secure the future of their organization. In what follows, we’ll guide you through the first step in this process, namely, conducting a threat assessment. 

What is the purpose of threat assessments?

According to Kim Meador, Executive Vice President and COO at Chesley Brown International,  a threat assessment is a formal evaluation conducted “to determine what risks and threats (internal or external) are likely and foreseeable and what the responsible actions are that a business can and should take to mitigate those risks.” 

Thus, a threat assessment, when done correctly, determines the most probable threats to a business. But how do executives identify the most pressing threats to their organization?

Let’s find out.

Consider the structure of your business

Is your business primarily web-based or situated in brick and mortar properties? 

Consider your business structure when evaluating risks–certain classes of threats are more likely to impact operations. When developing a threat assessment optimize time, energy, and money allocation by identifying the most serious threats.

This is an important consideration your business must address. As alluded to previously, cyber crimes are a monumental problem for businesses of all stripes. Yet, as a web-based startup, the entirety of your business infrastructure resides in the digital domain, and can be severely compromised following a cyber attack. Threats in the cyber domain include software update attacks, phishing attacks and ransomware attacks. Additionally, sensitive customer information is vulnerable to theft.

Many brick and mortar companies rely on web-based platforms for their day-to-day operations. But they must also consider the possibility of physical threats. Such threats include property destruction, physical harm to customers and employees, and theft.

It makes sense then that a web-based B2B marketing startup allocates a substantial portion of their time and resources to preventing a cyber attack. They may hire a dedicated professional, for example. This person monitors threats in real-time and optimizes the company’s digital footprint to protect against cyber crime.

An appliance store with multiple locations faces other threats. These threats include property damage and theft. Thus, the owner will need to balance a focus on protecting his employees, customers and property with protecting his or her digital assets—employing both security professionals on the ground and a team to manage web-based systems.

Once you’ve identified the class of threats most likely to impact your business, it’s time to get specific.

Specify: Develop a list of possible threat scenarios

You’ve identified the class of threats most likely to disrupt your organization, now what? It’s time to develop a list of specific situations that could disrupt operations. 

  1. Consider the statistics – What is the likelihood of a given threat based on the data? Look at the crime statistics for the area where your organization is situated. Based on these data, does it make sense to anticipate physical threats? If so, what are the most common threats?  
  1. Learn from business peers – Human beings are social creatures and when it comes to planning for threats, we should leverage our sociability. Reach out to peer executives to learn from their experiences. What threats have other companies addressed? What did they do right? What would they have done differently? 
  1. Identify the largest threats – Not all threats are created equal, and it’s important to weigh risks and allocate resources to the threats with the most potential to disrupt operations. First, whittle down your list of threats to those that will have a tangible impact on your organization. Rank those items and determine where you should allocate the most time and resources. 

Once you’ve identified a list of possible threats, it’s time to consider the most viable strategies to put in place.

Be creative and practical about threat management

What are some proactive and inexpensive ways you can prevent damage to your business based on your list of possible threats? Identify the aspects of your business that are most vital to its success and consider how you can bolster them against threats. 

For instance, imagine that you own a digital marketing firm with a reputation built on customer trust. Consulting with a business associate, you learn that a public relations blunder cost her thousands of dollars. After doing some research, you discover that PR crises are common for online companies. Based on this information you develop a new strategy focusing on employee communication. The strategy describes best practices for employee communication–focusing on public and private exchanges.. 

Conclusion

Anticipating threats to your company is a vital first step in ensuring a prosperous future for your company. Part of a broader strategy for protecting your company, threat assessments help your company plan for the unforeseen. 

After all, “if 2020 has taught us anything, it is that times can and do change. As a business owner, we have to prepare for everything that can disrupt our business. We have to have a plan. We have to review that plan. Test that plan. Adjust that plan. And then repeat” – Chesley Brown Vice President and COO, Kim Meador.

We understand that planning for the unforeseen can be an overwhelming process. That’s why we’ve built a framework that enables businesses to anticipate and navigate risk before it becomes a crisis. We are here to manage risk so you don’t have to. 

Let’s talk. 

Sign up!

For industry-leading guides and analysis sign up for our blog below.

  • This field is for validation purposes and should be left unchanged.

Latest News

Podcast | Risk Takers Series #1 The Aldrich Ames Espionage Case

By Chesley Brown | June 26, 2020

Dell Spry, a former FBI investigator and counterespionage expert, sits down to discuss the biggest case of insider theft in U.S. History: The Aldrich Ames Case. Hear how he, along with the help of the…

Read More
hand stopping dominos from falling, represent a crisis being prevents or stopped

10 Steps for Building a Crisis Management Communication Strategy

By Chesley Brown | June 23, 2020

Small changes have a big impact. As a public health crisis of worldwide proportions comes into focus, it is imperative for individuals, organizations, and nations to develop effective resilience strategies, including communications and outreach as…

Read More

7 Tips the Pros Won’t Tell You About Budgeting For Risk

By Chesley Brown | May 28, 2020

Every business must create its own process for identifying, testing, and budgeting for risk. We studied the data and talked to several industry-leading CSOs to find out how they do it. How much should your…

Read More
Two people riding a moving sidewalk into a bright white void to represent transformation

The Future of Work

By Chesley Brown | May 21, 2020

The Future of Work: Protecting Trade Secrets Written by: Dell Spry Many businesses, both large and small, are desperately seeking ways to keep their companies operational with all of  the closures and uncertainties associated with…

Read More
Graphic of two people Looking at charts and graphs representing a risk assessment

Managing Risk During a Pandemic

By Chesley Brown | May 12, 2020

5 Tips for Conducting Better Risk Assessments for a Pandemic In earlier sections, we discussed the need for a risk-based approach and outlined 6 New Business Risks to consider when preparing your business for coronavirus.…

Read More
The 7 Step Guide for Building Business Continuity Plans that Work