Top Critical Event Management Threats This Year

Introduction

2024 is underway, and what a year it promises to be.

For one, an estimated 400 billion peopleⁱ will cast votes in elections this year.

Unprecedented numbers aside, the elections themselves will be held in some of the largest countries and geopolitically strategic regions.

Taiwan, for example, will head to the pollsⁱⁱ as tensions with the mainland reach a boil.

India, the world’s largest democracy, votes in the early spring. An estimated 900 million voters are expected to participate.ⁱⁱⁱ

In June, the EU will hold elections for its Parliament.^iv That Parliament gets the right to vote down the proposed Commission President of the world’s largest economic bloc.

Meanwhile, the world’s largest presidential election is slated for this year, as well, in Indonesia.^v

And those are all before what some are considering the biggest event of them all: the U.S. presidential elections in November.

It’s no surprise then that geopolitical risk is likely to feature prominently among critical event threats in 2024.

But it’s not likely to be the only threat on the list. The others top critical event threats of 2024 are.

Supply chain snarls

A consequence of the Israel-Hamas War, Red Sea shipping lanes already began the year ensnarled. Attacks by Houthi rebels in Yemen^vi on commercial vessels going through the Red Sea have effectively closed the critical shipping lane to trade, despite an international military coalition organized by the U.S.

But how important is the Red Sea to global trade? The Red Sea is the entry into and exit out of the Suez Canal, the most important waterway between Europe and Asia.

Indeed, 40 per cent of inter-continental trade transits through the Red Sea, according to the Council on Foreign Relations.^vii

Not just Europe and Asia are affected, though. A third of all container traffic flows through the Red Sea. And 12 per cent of seaborne oil goes through the Suez Canal.^viii

Shutting down Red Sea trade, as shipping giant Maersk has done, will mean major disruption.ⁱ Those disruptions will mean increased cost for customers.

For context, the far longer trade route around the Horn of Africa adds an additional USD 1 million in fuel costs to the round-trip fare.ⁱ

Nor is the Red Sea the only supply-chain flash point.

Though cut through tropical jungle, the Panama Canal Zone is in the midst of a historic drought. In fact, the Canal, through which 40% of all U.S. container traffic travels, has become so dry that ships are having to idle or sail entire continent(s) out of the way to get through more passable waterways.

Meanwhile, many markets are likely to be affected by the first full year of Chinese graphite export restrictions. As of December 2023, Chinese exporters have had to apply for permits to ship graphite. Graphite, of which China is the world’s top producer, is a key component in electric vehicle (EV) manufacturing.^xi

It won’t just be the first full year of graphite restrictions, either. In 2023, China also issued export restrictions on germanium and gallium products critical to semiconductor manufacturing.^xii.

Cost of living crisis

Continuing supply-chain disruption in 2024 is likely to exacerbate the cost-of-living crisis under which most consumers are laboring.

How deep is the discontent?

When polled in the autumn^xiii, U.S. voters revealed that the economy or the cost of living remained the most important issue facing the country. Indeed, few were optimistic about where the economy was headed.

Similarly, in the U.K., the economy (35%) and inflation (25%) were the top two concerns, according to Ipsos Issue polling.^xiv

Consumers aren’t the only ones suffering. For the first time, cost-of-living featured on the BCI Horizon Scan 2023’s list of top incidents, where it’s expected to stay until inflationary conditions ebb.

Cyber attack

A perennial feature of that list is cybersecurity. And cyber-attacks are likely to remain a top critical event threat in 2024.

Already in this new year, the British Library^xv, Beirut International Airport^xvi, and mortgage loan firm loanDepot^xvii have been hit by high-profile attacks. 

Based on the data, they aren’t likely to be alone.

Indeed, the Apple-supported study, The Continued Threat to Personal Data confirmed that data breaches were at an all-time high for U.S. businesses in the first nine months of 2023, with global organizations facing similar trends likely to spill over into this year.

Ransomware attacks, specifically, skyrocketed. High-profile targets included Royal Mail, the U.S. Marshals Service, TSMC, MOVEit, and others.

The MOVEit breach alone affected more than 2000 organizations^xviii and over 62 million people, with data taken from government agencies, school systems, big businesses, even HR and payroll services.

Meanwhile, the rise of ransomware-as-a-service portends much of the same this year, i.e., more breaches and service shutdowns as well as heftier payments.

Third-party risk

This year hackers are also likely to continue turning their attention to vulnerabilities in vendor’s systems to gain access to the data stored by organizations reliant on the vendor.

Already last year, a staggering 98 per cent of organizations^xix reported now having a relationship with a vendor that experienced a breach within the last two years, attesting to the need for stricter third-party risk management protections .

To highlight the point that more needs to be done, the Basel Committee on Banking  cited third-party risk management in its incomplete report card to banks for lagging in adopting Committee principles on operational resilience and operational risk.

Severe weather

The year got underway with a magnitude 7.6 earthquake in Japan on New Year’s Day. The earthquake, which has left at least 168 dead, dozens missing, and over a thousand displaced, is another reminder of the severe weather threat, which is likely to remain one of the top risks in 2024.^xix

Indeed, in the U.S. alone, 2023 saw a staggering 28 weather/climate disaster events with individual losses exceeding $1 billion.^xxi

That figure was up eight from the year before. But it was a staggering increase of 20 from the 1980-2022 yearly average, suggesting a deteriorating risk environment.

Physical security

Physical security risk remains acute, as well. Two-thirds of corporate leaders surveyed in a Global Guardian report revealed that they were experiencing an increase in the number of security threats facing their organization compared to 2019.^xxii

However, since 2019, corporate security budgets have been slashed, specifically at the beginning of the pandemic. And despite subsequent increases, budgets have yet to reach 2019 levels.^xxiii

Strategies to address the critical event threat

So, what can be done to mitigate these risks that are coming from everywhere?

One strategy is to increase awareness of the critical need to adopt benchmark standards for security and resilience and business continuity, such as ISO 22301.

Besides that, organizations must also increase centralizing risk scanning processes to enhance risk mitigation and enable a more proactive response to evolving threats.

These measures should all fall under the banner of critical event management.

Indeed, critical event management, the cross-functional practice dedicated to managing an organization’s preparation, response, and recovery from events that impact its continuity, operations, and safety serves to efficiently align inter-departmental (or agency) resources to respond to disruptive incidents.

This work includes teaming up stakeholders from relevant business lines, improving inter-departmental (or multi-stakeholder) coordination and communication flows, integrating necessary processes, and post-hoc reporting and analysis.

What are the benefits? Well, a critical event might spring up in one line of the business, but rarely does it stay put.

The damage tends to spill over. When that happens, individual departments are powerless to address the damage, even if those departments have invested heavily in advanced technologies. Most times, the operative systems (and the data they hold) will not inter-operate across departments.

Critical event management, on the other hand, helps organizations to anticipate and respond to these threats.

Effective critical event management (specifically) enables effective, interdepartmental communication mechanisms, giving business leaders a dynamic, consolidated view of threats, automated functionality to assess and respond to those threats, as well as information capture capabilities for critical event reporting.

At a glance, the benefits of effective critical event management are:

• Improved communication and coordination
• Operational efficiency
• Better visibility and situational awareness
• Enhanced threat forecasting
• Leaves an audit trail
• Reduced costs

Critical event management technology in today's business landscape

How to implement critical event management strategies expeditiously in 2024? We recommend critical event management software. These are solutions and related services designed to manage an institution’s preparation, response, and recovery from events that impact continuity, operations, and safety.

But not just the high-impact events we cited above. Critical event management solutions can also help organizations handle the lower-impact events and critical issues they’ll face in 2024.

That gives the organizations that procure these solutions an advantage; namely, they can use the same tools to manage routine, smaller issues as they do for larger impact events.

Of course, basic benefits will come from digitizing critical event management strategies in 2024 (including communications, incident response, and case management) in the first place.

So, what do the core components of critical event management solutions look like? Here are critical event management software capabilities to address the top critical event threats in 2024:

• Crisis management. Advanced solutions apply best practices to plan for, respond to, and manage critical events and exercises. Built on international standards, such as ISO 22398, the solutions enable faster response, better collaboration using plans and playbooks, smart workflows, and real-time dashboards and insights, ensuring better incident response, decision-making, and continuous improvement.
• Incident response plans and checklists. Best-practice libraries come included do organizations can easily create crisis strategies and action plans for different types of events that define the required strategy, action items, completion time targets, and people involved.
• Critical infrastructure protection. Innovative solutions keep up with the escalating risk to key assets, assessing those risks in advance and monitoring critical facilities throughout the emergency response process.
• Welfare checks. The solutions enable organisations to send welfare check messages to their event response staff or any other type of contact. Organizations can easily collect their replies to identify who needs assistance and prioritise follow-up actions.
• Crisis communications. These single systems help organisations manage complex communications, centralising, approving, and standardising their crisis response. these solutions provide effective communication pathways for all aspects of incident management.
• Emergency management. These tools provided all that is needed to manage any incident effectively through the entire lifecycle of mitigation, preparedness, response, and recovery, following ISO, ICS, and other national standards. They keep your whole team following the same plans, communicating on the same platform, and viewing the same operating picture - from any place or device.
• Incident and resource mapping. Comes equipped with powerful mapping tools to create multilayers maps, integrating both external feeds and any information housed within the platform.
• Operational cycle management. These systems support the battle rhythm of your response operations, understanding and tracking reporting periods.
• Community lifeline monitoring. These systems provide executive-level insight into safety threats to the public and to staff, by regularly assessing community lifelines.

Conclusion

2024 is young, and already the risk environment looks dire. It’s likely only to get dire as the year progresses.

But don’t remain a passive actor to a darkening threat picture this year. Instead, make this the year that you implement proactive critical event management strategies in conjunction with integrated resilience and critical event management software to facilitate a comprehensive and holistic approach to resilience, crucial collaboration and coordination, and critical insights about the threats to come.

Sources

1. Business Today Desk, Business Today: The year of elections: 4 billion people will cast a vote in over 60 countries in 2024. Available at https://www.businesstoday.in/latest/world/story/the-year-of-elections-4-billion-people-will-cast-a-vote-in-over-60-countries-in-2024-412123-2024-01-06.
2. Le Monde: European Parliament elections set for June 6 to 9, 2024. Available at https://www.lemonde.fr/en/europe/article/2023/05/17/eu-parliament-elections-set-for-june-6-to-9-2024_6026980_143.html.
3. Ananda Teresia and Bernadette Christina, Reuters: Indonesia presidential frontrunner under fire as rivals attack defence plans. Available at https://www.reuters.com/world/asia-pacific/indonesia-presidential-frontrunner-under-fire-rivals-attack-defence-plans-2024-01-08/.
4. Michael Race, BBC: What do Red Sea assaults mean for global trade? Available at https://www.bbc.com/news/business-67759593.
5. Noah Berman, Council on Foreign Relations: How Houthi Attacks in the Red Sea Threaten Global Shipping. Available at https://www.cfr.org/in-brief/how-houthi-attacks-red-sea-threaten-global-shipping.
6. Ibid.
7. Nick Robertson, The Hill: Maersk says Red Sea diversion will cause major disruptions. Available at https://thehill.com/business/4391230-maersk-red-sea-diversion-disruptions/.
8. Noah Berman, Council on Foreign Relations: How Houthi Attacks in the Red Sea Threaten Global Shipping. Available at https://www.cfr.org/in-brief/how-houthi-attacks-red-sea-threaten-global-shipping.
9. Emily Benson and Thibault Denamiel, Center for Strategic & International Studies: China’s New Graphite Restrictions. Available at https://www.csis.org/analysis/chinas-new-graphite-restrictions.
10. Ibid.
11. Ariel Edwards-Levy, CNN: CNN Poll: Biden’s job approval has dropped since start of the year as economic concerns remain prevalent. Available at https://www.cnn.com/2023/12/06/politics/cnn-poll-biden-economy-crime/index.html.
12. IPSOS: Issues Concerning Britons – Issues Index. Available at https://www.ipsos.com/en-uk/uk-opinion-polls#:~:text=Issues%20Concerning%20Britons%20%2D%20Issues%20Index,November%202023%20Ipsos%20Issues%20Index.
13. Daniel Cassady, ARTNews: Hundreds of Online Museum Collections Suffer in Cyber Attack. Available at https://www.artnews.com/art-news/news/cyber-attack-museums-gallery-systems-1234692222/.
14. Pierluigi Paganini, Security Affairs: A Cyber Attack Hit the Beirut International Airport. Available at https://securityaffairs.com/157079/hacking/cyber-attack-hit-beirut-international-airport.html.
15. StreetInsider: loanDepot (LDI) Experienced a Cybersecurity Incident. Available at https://www.streetinsider.com/Corporate+News/loanDepot+%28LDI%29+Experienced+a+Cybersecurity+Incident/22604157.html.
16. Wes Davis, The Verge: MOVEit cyberattacks: keeping tabs on the biggest data theft of 2023. Available at https://www.theverge.com/23892245/moveit-cyberattacks-clop-ransomware-government-business.
17. Professo Stuard E. Madnick, Ph.D., Apple News: The Continued Threat to Personal Data: Key Factors Behind the 2023 Increase. Available at https://www.apple.com/newsroom/pdfs/The-Continued-Threat-to-Personal-Data-Key-Factors-Behind-the-2023-Increase.pdf.
18. Hiro Komae et al, AP News: Thousands forced from homes by a deadly Japan earthquake on New Year’s face stress and exhaustion. Available at https://apnews.com/article/japan-earthquake-ishikawa-disaster-evacuation-rescue-snow-c09c02361314860712ca5a5e9f52d3a5.
19. National Centers for Environmental Information: Billion-Dollar Weather and Climate Disasters. Available at https://www.ncei.noaa.gov/access/billions/.
20. Dale Buckner, Security Info Watch: Threats to corporate security are on the rise. Available at https://www.securityinfowatch.com/security-executives/article/21287754/threats-to-corporate-security-are-on-the-rise.
21. Madeline Lauver, Security Magazine: Security budgets may double or triple in 2022. Available at https://www.securitymagazine.com/articles/96802-security-budgets-may-double-or-triple-in-2022.