Share with your friends










Submit

Analytics Magazine

Surviving global terror: How businesses can better track risks

Virág Fórizs and Shane LatchmanBy Virág Fórizs and Shane Latchman

In 2015 and 2016, extremist groups carried out 33 successful terrorist attacks in Western countries – up from an average of three per year in the preceding decade. The overwhelming majority of terrorist attacks take place in a small handful of countries, with attacks in the West representing only 0.3 percent globally in 2016. But the increase in the frequency and fatality rates associated with these attacks means that terrorism is now firmly back on the corporate risk register, regardless of where a company’s assets may be located.

Managing this terror risk has become an essential part of any business strategy that strives to protect personnel, property, information and privacy. In preparing a strategy, relevant sets of data and analytics can be employed to estimate potential effects of terrorist attacks – and help predict risks that companies and communities may be facing.

Counting the Costs: Damage, Disruption, Cyber

The most obvious threat that businesses face from terrorist attacks comes from physical damage to assets. Explosives – which were used in 53 percent of the attacks in the West in 2015 and 2016 – can cause substantial physical damage to their targets and to commercial property caught in the blast zone. While such costs are borne in the first instance by insurers, they can ultimately trickle down to increased policy premiums.

For all but the most catastrophic attacks, however, these costs are typically outweighed by the economic costs associated with disruption to business. Disruptions can occur when locations are sealed off while public authorities conduct investigations and repairs are made. For instance, though the physical property damage caused by the attacks in Paris on Nov. 13, 2016, was limited, large parts of the city were effectively shut down for several days, shuttering all businesses in the affected areas.

Companies are increasingly at risk of politically motivated cyber attacks. Photo Courtesy of 123rf.com | © sangoiri

Companies are increasingly at risk of politically motivated cyber attacks.
Photo Courtesy of 123rf.com | © sangoiri

Those costs can be compounded in areas that are reliant on the ongoing confidence of tourists, which can be shaken where the threat from terrorism rises. Declines in visitors to Paris following the attacks there in 2015 are estimated to have cost €750 million. Countries such as Kenya, Tunisia, Turkey and Egypt are suffering from reduced tourism revenues following attacks by Islamist extremist militants, including the June 2015 attacks on two hotels in the Tunisian city of Sousse, which left 38 tourists dead and 39 others injured. While the steady recovery of tourist numbers following the 2005 attacks in the Red Sea resort of Sharm el-Sheikh, Egypt, demonstrates that revenue levels can eventually rebound, the current terrorist threat is likely to remain for the foreseeable future, proving potentially costly to businesses located in the affected regions.

Companies are also increasingly at risk of politically motivated cyber attacks, otherwise known as “hacktivism.” While many attacks may cause malicious damage to digital infrastructure, a small number of attacks have demonstrated the capacity to have physical impacts. Although some attacks are suspected to originate from hackers working with the support of foreign governments, hacking into critical national infrastructure, industrial control systems or company networks is within the capability of non-state actors.

Tools to Track the Terrorism Threat

Precise prediction of terrorist attacks is notoriously difficult. By their nature, terrorist organizations largely operate in the shadows to avoid detection and will often look to change their methods once security services begin to gain the upper hand. However, risk managers and insurers aren’t operating entirely in the dark. A number of resources and tools can help them better track their exposure and mitigate risk appropriately.

A good starting point is to investigate and review databases of historic events. Such databases can include hundreds of thousands of incidents from multiple decades and can capture a range of important attributes about attacks, such as the date, location, attack type, fatality count and perpetrator group, among others. While terrorists intend their attacks to be difficult to predict and prevent, their tactics are often recycled, including the weapons used and the types of targets.

For instance, a local terrorist organization whose strategic rationale involves the targeting of Western economic interests can be broadly expected to conduct further attacks on similar targets. By referencing terrorism data to identify terrorist actors that predominantly target Western targets, risk managers are better equipped to prepare for an attack and put a response protocol in place in the event of a successful attack.

In addition to data on history and outcomes, it’s vital to have an assessment of the level of terrorist threat and the ability of security forces to conduct counterterrorism. Any truly useful quantification of terrorism risk therefore requires information not solely dependent on historical data. Expert judgment can also be deployed to signal potential shifts in strategy by a terrorist organization ahead of the data showing it in action. For example, some analysts produce metrics that provide clients with a more holistic view of the true extent of the risk they face.

Modeling tools play a vital role in developing a more robust view of potential losses. The current approach of approximating a bomb’s blast as concentric rings with a percentage applied to the total value is often overly conservative. Using a terrorism model that simulates losses from blasts could allow insurance companies to have a more robust view of potential losses. Analytics and modeling can also be used to help spot weak links and bottlenecks in a company’s supply chain. Companies would be able to overlay their supply chain (for example, a network of suppliers, distributors and routes) on maps representing terrorism risk as a way to potentially identify areas of greatest vulnerability.

Moving to Better Risk Management

Natural hazards and other perils often follow long-term patterns and trends that allow insurers and risk managers to develop a view of what is likely to happen in the future – and to prepare for those possibilities. Conversely, terrorist groups intentionally seek to do the unexpected. While patterns and trends can be identified, the desire of terrorists to advance and escalate their campaigns – combined with their need to avoid detection by security forces – means that predicting terror events probably won’t become an exact science. But relevant data and analytics, together with informed judgment, can lead to more realistic risk estimates and better risk management.

Virág Fórizs is a terrorism and security analyst at Verisk Maplecroft, a Verisk Analytics business. Shane Latchman is assistant vice president at AIR Worldwide, a Verisk Analytics business.

Analytics data science news articles

Analytics Blog

Electoral College put to the math test


With the campaign two months behind us and the inauguration of Donald Trump two days away, isn’t it time to put the 2016 U.S. presidential election to bed and focus on issues that have yet to be decided? Of course not.


Headlines

Accenture security report identifies top cyber threats

With recent large-scale cyberattacks signaling a growing front in destructive threats and business impact, a new midyear report from iDefense, part of Accenture Security, reveals how threat actors are continuing to evolve their ability to avoid detection. Based on in-depth analysis, the report anticipates a growth in the number of threat actors who are rapidly expanding their capabilities due to factors such as the proliferation of affordable, customizable and accessible tools and exploits. Read more →

Job searchers: It’s not just who you know, but how well you know them

While online networking sites enable individuals to increase their professional connections, to what extent do these ties actually lead to job opportunities? A new study in the INFORMS journal Management Science finds that, despite the ability to significantly increase the number of professional connections and identify more job leads with limited effort on these sites, unless the connection is a strong one, they typically will not lead to job offers.  Read more →

UPCOMING ANALYTICS EVENTS

INFORMS-SPONSORED EVENTS

Essential Practice Skills for High-Impact Analytics Projects
Sept. 26-27, Executive Conference Center, Arlington, Va.

Foundations of Modern Predictive Analytics
Oct. 2-3, VT Executive Briefing Center, Arlington, Va.

2017 INFORMS Annual Meeting
October 22-25, 2017, Houston

2017 Winter Simulation Conference (WSC 2017)
Dec. 3-6, 2017, Las Vegas

CAP® EXAM SCHEDULE

CAP® Exam computer-based testing sites are available in 700 locations worldwide. Take the exam close to home and on your schedule:


 
For more information, go to 
https://www.certifiedanalytics.org.