Share with your friends


Analytics Magazine

Surviving global terror: How businesses can better track risks

Virág Fórizs and Shane LatchmanBy Virág Fórizs and Shane Latchman

In 2015 and 2016, extremist groups carried out 33 successful terrorist attacks in Western countries – up from an average of three per year in the preceding decade. The overwhelming majority of terrorist attacks take place in a small handful of countries, with attacks in the West representing only 0.3 percent globally in 2016. But the increase in the frequency and fatality rates associated with these attacks means that terrorism is now firmly back on the corporate risk register, regardless of where a company’s assets may be located.

Managing this terror risk has become an essential part of any business strategy that strives to protect personnel, property, information and privacy. In preparing a strategy, relevant sets of data and analytics can be employed to estimate potential effects of terrorist attacks – and help predict risks that companies and communities may be facing.

Counting the Costs: Damage, Disruption, Cyber

The most obvious threat that businesses face from terrorist attacks comes from physical damage to assets. Explosives – which were used in 53 percent of the attacks in the West in 2015 and 2016 – can cause substantial physical damage to their targets and to commercial property caught in the blast zone. While such costs are borne in the first instance by insurers, they can ultimately trickle down to increased policy premiums.

For all but the most catastrophic attacks, however, these costs are typically outweighed by the economic costs associated with disruption to business. Disruptions can occur when locations are sealed off while public authorities conduct investigations and repairs are made. For instance, though the physical property damage caused by the attacks in Paris on Nov. 13, 2016, was limited, large parts of the city were effectively shut down for several days, shuttering all businesses in the affected areas.

Companies are increasingly at risk of politically motivated cyber attacks. Photo Courtesy of | © sangoiri

Companies are increasingly at risk of politically motivated cyber attacks.
Photo Courtesy of | © sangoiri

Those costs can be compounded in areas that are reliant on the ongoing confidence of tourists, which can be shaken where the threat from terrorism rises. Declines in visitors to Paris following the attacks there in 2015 are estimated to have cost €750 million. Countries such as Kenya, Tunisia, Turkey and Egypt are suffering from reduced tourism revenues following attacks by Islamist extremist militants, including the June 2015 attacks on two hotels in the Tunisian city of Sousse, which left 38 tourists dead and 39 others injured. While the steady recovery of tourist numbers following the 2005 attacks in the Red Sea resort of Sharm el-Sheikh, Egypt, demonstrates that revenue levels can eventually rebound, the current terrorist threat is likely to remain for the foreseeable future, proving potentially costly to businesses located in the affected regions.

Companies are also increasingly at risk of politically motivated cyber attacks, otherwise known as “hacktivism.” While many attacks may cause malicious damage to digital infrastructure, a small number of attacks have demonstrated the capacity to have physical impacts. Although some attacks are suspected to originate from hackers working with the support of foreign governments, hacking into critical national infrastructure, industrial control systems or company networks is within the capability of non-state actors.

Tools to Track the Terrorism Threat

Precise prediction of terrorist attacks is notoriously difficult. By their nature, terrorist organizations largely operate in the shadows to avoid detection and will often look to change their methods once security services begin to gain the upper hand. However, risk managers and insurers aren’t operating entirely in the dark. A number of resources and tools can help them better track their exposure and mitigate risk appropriately.

A good starting point is to investigate and review databases of historic events. Such databases can include hundreds of thousands of incidents from multiple decades and can capture a range of important attributes about attacks, such as the date, location, attack type, fatality count and perpetrator group, among others. While terrorists intend their attacks to be difficult to predict and prevent, their tactics are often recycled, including the weapons used and the types of targets.

For instance, a local terrorist organization whose strategic rationale involves the targeting of Western economic interests can be broadly expected to conduct further attacks on similar targets. By referencing terrorism data to identify terrorist actors that predominantly target Western targets, risk managers are better equipped to prepare for an attack and put a response protocol in place in the event of a successful attack.

In addition to data on history and outcomes, it’s vital to have an assessment of the level of terrorist threat and the ability of security forces to conduct counterterrorism. Any truly useful quantification of terrorism risk therefore requires information not solely dependent on historical data. Expert judgment can also be deployed to signal potential shifts in strategy by a terrorist organization ahead of the data showing it in action. For example, some analysts produce metrics that provide clients with a more holistic view of the true extent of the risk they face.

Modeling tools play a vital role in developing a more robust view of potential losses. The current approach of approximating a bomb’s blast as concentric rings with a percentage applied to the total value is often overly conservative. Using a terrorism model that simulates losses from blasts could allow insurance companies to have a more robust view of potential losses. Analytics and modeling can also be used to help spot weak links and bottlenecks in a company’s supply chain. Companies would be able to overlay their supply chain (for example, a network of suppliers, distributors and routes) on maps representing terrorism risk as a way to potentially identify areas of greatest vulnerability.

Moving to Better Risk Management

Natural hazards and other perils often follow long-term patterns and trends that allow insurers and risk managers to develop a view of what is likely to happen in the future – and to prepare for those possibilities. Conversely, terrorist groups intentionally seek to do the unexpected. While patterns and trends can be identified, the desire of terrorists to advance and escalate their campaigns – combined with their need to avoid detection by security forces – means that predicting terror events probably won’t become an exact science. But relevant data and analytics, together with informed judgment, can lead to more realistic risk estimates and better risk management.

Virág Fórizs is a terrorism and security analyst at Verisk Maplecroft, a Verisk Analytics business. Shane Latchman is assistant vice president at AIR Worldwide, a Verisk Analytics business.

Analytics data science news articles


Fighting terrorists online: Identifying extremists before they post content

New research has found a way to identify extremists, such as those associated with the terrorist group ISIS, by monitoring their social media accounts, and can identify them even before they post threatening content. The research, “Finding Extremists in Online Social Networks,” which was recently published in the INFORMS journal Operations Research, was conducted by Tauhid Zaman of the MIT, Lt. Col. Christopher E. Marks of the U.S. Army and Jytte Klausen of Brandeis University. Read more →

Syrian conflict yields model for attrition dynamics in multilateral war

Based on their study of the Syrian Civil War that’s been raging since 2011, three researchers created a predictive model for multilateral war called the Lanchester multiduel. Unless there is a player so strong it can guarantee a win regardless of what others do, the likely outcome of multilateral war is a gradual stalemate that culminates in the mutual annihilation of all players, according to the model. Read more →

SAS, Samford University team up to generate sports analytics talent

Sports teams try to squeeze out every last bit of talent to gain a competitive advantage on the field. That’s also true in college athletic departments and professional team offices, where entire departments devoted to analyzing data hunt for sports analytics experts that can give them an edge in a game, in the stands and beyond. To create this talent, analytics company SAS will collaborate with the Samford University Center for Sports Analytics to support teaching, learning and research in all areas where analytics affects sports, including fan engagement, sponsorship, player tracking, sports medicine, sports media and operations. Read more →



INFORMS Annual Meeting
Nov. 4-7, 2018, Phoenix

Winter Simulation Conference
Dec. 9-12, 2018, Gothenburg, Sweden


Applied AI & Machine Learning | Comprehensive
Starts Oct. 29, 2018 (live online)

The Analytics Clinic
Citizen Data Scientists | Why Not DIY AI?
Nov. 8, 2018, 11 a.m. – 12:30 p.m.

Advancing the Analytics-Driven Organization
Jan. 28–31, 2019, 1 p.m.– 5 p.m. (live online)


CAP® Exam computer-based testing sites are available in 700 locations worldwide. Take the exam close to home and on your schedule:

For more information, go to