OODA Loop

Understand tomorrow, today.

Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis

Archive, OODA Original / by

Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino.

What To Know About Black Swans:

  • Nassim Nicolas Taleb introduced the business world to the concept of the Black Swan in his 2007 book by that name. He described Black Swans as unpredictable events that are beyond what is expected and have potentially severe consequences.
  • Since Black Swans are by definition unforeseeable events it does not make sense to try to predict them. Just know that historically this type of event can be hard to recover from or can produce the greatest opportunities.
  • So how do you prepare for the unpredictable?
    • Invest in preparedness, not in prediction
    • Do not over-optimize
    • Ensure agile decision-making processes
    • Intentionally gather information on the business environment
    • Understand dependencies
    • Retain dry powder for investing in unforeseen opportunities
    • Ensure resiliency of business processes and IT systems

What to Know About Gray Rhinos:

  • Michele Wucker introduced the term Gray Rhino at the World Economic Forum in 2013 then later in a book by the same name to describe events we should all see coming but overlook because we don’t take them seriously enough (see Matt Devost’s OODAcast interview of Michele Wucker). A Gray Rhino is a highly probable, high impact, yet neglected threat.
  • Ignoring obvious threats is, unfortunately, part of human nature. Government policy makers and business leaders both need to put processes in place to mitigate this human bias to ignore certain dangers.
  • Examples of Gray Rhino’s facing business and government today:
    • Climate Change and its second order effects (increased wildfire, hurricane, food shortages)
    • Financial Crisis which could include hyperinflation or, regionally, massive unemployment and starvation and migrant crisis
    • Disruptive Technology Based Crisis which could include new competitive business threats or other changes to market dynamics. The risk of AI changing markets and crushing some businesses and the opportunity of creation of value is a key example.
    • Cyber-attacks provide new ways of theft and geopolitical attack possibilities, and it is a risk that is unevenly understood so for most remains underdressed.
    • Pandemic second order effects from current pandemic still coming, future pandemics predicted to be much more likely now, will be more frequent. This includes bacterial pandemics which experts warn are on the rise due to new anti-bacterial resistant strains.
    • Space Based Attacks including force of nature (solar flare, asteroids) and nation-state attacks (including anti-satellite attacks).
    • Major Geopolitical Events which could include revolution and dissolution of major nations and coalitions. Turmoil could change markets and disrupt supply chains.
    • Regional Conflict hot spots include China-Taiwan, India-China LOC, India-Pakistan, Russia-Ukraine. Could cause disruption of global shipping and interruption of key supply lines.
  • Taking action on potential future crisis events is made easier by scenario planning. Scenario planning seeks to identify which of the crisis events above are most likely to impact business and then develop outlines of potential/likely pressures and business impacts that come from that scenario. The result will be a list of concerns that can be considered when planning for business investments and other mitigation meetings.

Recommended Actions:

  • Whether preparing for Black Swans or Gray Rhinos, improving business process resiliency lays a foundation for agility under crisis. So does improving security and resiliency of enterprise technology. Focus security and backups on data servers that hold assets that ransomware attackers want (consumer data, transaction information, business process data).
  • Establish a dedicated threat intel and geopolitical information team using internal resources (not outsourced). We provide more information on how to do this in our special series on establishing an intelligent enterprise.
  • Scenario planning is recommended. Start with key questions, then focus on creation of multiple planning scenarios
  • Stay up to speed on the nature of the geopolitical threat situation, the cyber threat and global technology developments and encourage your staff to do the same. All can sign up for the free OODA Daily Pulse which can help keep your extended team informed on key issues.

Related Reading:

Explore OODA Research and Analysis

Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop

Decision Intelligence

The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence

Disruptive/Exponential Technology

We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech

Security and Resiliency

Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency

Community

The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community

 

About Bob Gourley

Bob Gourley is an experienced Chief Technology Officer (CTO), Board Qualified Technical Executive (QTE), author and entrepreneur with extensive past performance in enterprise IT, corporate cybersecurity and data analytics. CTO of OODA LLC, a unique team of international experts which provide board advisory and cybersecurity consulting services. OODA publishes OODALoop.com. Bob has been an advisor to dozens of successful high tech startups and has conducted enterprise cybersecurity assessments for businesses in multiple sectors of the economy. He was a career Naval Intelligence Officer and is the former CTO of the Defense Intelligence Agency.