Everywhere you turn, disruptive critical events are in the news – so too, the companies they affect. Just look at the Forrester report, Take A Unified Approach To Critical Event Management: the study finds that 100 percent – yes, you read that right – of companies surveyed had experienced a critical event in the last two years. That’s not even the full extent of it. Many of those companies actually dealt with multiple incidents during that time frame: the average was four, discrete critical events in a two-year period.
Imagine that. Just one critical event, anything running the gambit from severe weather, intellectual/physical property theft, IT failure, and cyber attacks to (even) slower boil critical issues that when left unattended spiral into major incidents, causes untold damage. The cost alone is staggering: for instance, a mega data breach of one million compromised records yields estimated total costs of nearly $40 million, according to findings from the Ponemon Institute. Now factor in softer costs like eroded reputation, disrupted supply chains, lost productivity, and multiply by four. Numbers like that represent nothing less than an existential risk to your business.
So what can be done? It’s one of the more important, potentially business-sustaining questions you can ask. Luckily, there’s a ready-at-hand answer. Because an effective means of counteracting the critical event threat plaguing business today is integrating existing enterprise incident response mechanisms, and that’s where critical event management comes in.
As a practice, critical event management bears some definition, especially since a critical event itself can be so hard to pin down. Well, a critical event is simply a catchall term to describe a disruptive incident that negatively impacts your business. In other words, you’ll know a critical event when you experience one.
As for the practice itself: well, critical event management practitioners will tell you that their field offers thought-through measures to ensure effective critical issues and crisis preparation, response, and recovery. As such, the field borrows generously from techniques in interrelated all-hazards practices, like incident management and response, crisis management, business continuity planning, and emergency management. But that’s not to say that critical event management isn’t special. Indeed, critical event management makes a unique intervention in that it’s (first and foremost) an integrated, cross-functional, all-hazards practice.
How does that manifest itself on the ground? Well, as it turns out, a non-trivial amount of the work of critical event management is aligning resources from across the entire business to respond to disruptive incidents; this work includes regrouping stakeholders from multiple, relevant business lines, improving inter-departmental (or multi-stakeholder) coordination and communication flows, integrating necessary processes, and post-hoc reporting and analysis.
Further, this approach just makes more sense for your business (than an IT-siloed method, for instance): though critical incidents might sprout up in one line of the business, they rarely stay put. The damage spills over, and it spills over quickly. Which means that even though individual departments invest heavily in advanced technologies and undertake extensive planning cycles to anticipate and respond to likely critical threats, they rarely do so in an integrated fashion, largely rendering their individual actions ineffective, in the face of a critical event.
On the other hand, integrated, critical event management offers enormous benefits. Advanced, critical event management enables effective, interdepartmental communication mechanisms, give business leaders a dynamic, consolidated view of threats, automated functionality to assess and respond to those threats, as well as information capture capabilities for critical event reporting. Other top-tier, business benefits include greater operational efficiency (from fewer system and process redundancies), reduced costs, and better situational awareness and response visibility (for business leaders). And, of course, the ultimate goal of integrated, critical event management, improving your organization’s ability to keep its employees and customers safe.