Risk Insider: Jack Hampton

Breaching the Electronic Levees

By: | October 24, 2016 • 3 min read
John (Jack) Hampton is a Professor of Business at St. Peter’s University and a former Executive Director of the Risk and Insurance Management Society (RIMS). His recent book deals with risk management in higher education: "Culture, Intricacies, and Obsessions in Higher Education — Why Colleges and Universities are Struggling to Deliver the Goods." His website is www.jackhampton.com.

October 21, 2016.

In what was described as a stunning breach of global Internet stability, a coordinated cyberattack struck online social networking and other systems including Twitter and PayPal.

In a distributed denial-of-service, hackers flooded servers, causing them to collapse under the overload.

Such attacks are common and we are getting used to them. This is not good.

Mounting evidence shows hackers are becoming more powerful, more sophisticated, and increasingly interested in targeting core infrastructure providers.

Yesterday Twitter, tomorrow the electricity grid and nuclear power plants.

We have been there before. The year was 2005. The event was Hurricane Katrina.

Today’s “Katrina” is not a natural disaster. Neither is it limited to the U.S. Gulf Coast. It’s a national or global cyber attack.

Here’s what we knew. Major portions of New Orleans flooded on average every three years for the prior 200 years before Katrina struck in 2005. Even heavy rain exceeded the capabilities of pumps trying to get rid of the water.

Advertisement




Since the early 1800s, the city enforced a code of burial in tombs above ground. Nobody wants flooding to uproot caskets and have them floating in the streets.

The cemeteries, called “cities of the dead,” were a major attraction. Even today you can pay $25 a person and take the whole family on a “2-Hour Cemetery & Voodoo Walking Tour” in New Orleans.

So planners in that city rationally had their eyes on tourism dollars. But what about risk management?

Rain is one thing. Levee breaches are another.

The entire city was protected either by high ground or levees built to withstand a Category 3 storm. Atlantic hurricanes had been growing in intensity.

Katrina was a Category 5 upon arrival in Louisiana. The levees failed.

Katrina should have been seen in advance. Not the exact date. Not the horror. Just the madness of how we often fail to fix the obvious until it’s too late.

Today’s “Katrina” is not a natural disaster. Neither is it limited to the U.S. Gulf Coast. It’s a national or global cyber attack.

The recent attack on Twitter and others did more than disturb our instant messaging. It gave us a glimpse of an impending electronic catastrophe.

We recall automobiles with faulty ignition switches that can kill or injure us. We replace defective smart phones that catch fire or explode, with the potential to take down commercial airliners.

Why do we ignore the fact that we are connecting our entire daily life — emails, phones, cars, appliances, hospitals, electrical networks, and pacemakers — to a single vulnerable system? We need more than electronic “levees” built to withstand a rainfall when we are facing a cyber tropical cyclone.

Does this risk management failure stem from being penny-wise and pound-foolish?

The annual U.S. spending on national defense is $600 billion. The government budget deficit is also $600 billion. Annual social security and disability benefits amount to $930 billion.

How much is too much to reasonably spend to protect us as we stand here, watching these approaching electronic storm clouds?

Spending for personal virus protection? $30 annually per computer.

Spending for business systems? Thousands to millions of dollars.

Spending to stabilize a global communication network that could allow really bad people to cause devastation and calamity? Priceless.

The Risk List: Presented by Travelers

6 Risks for Golf Courses and Country Clubs

Drag and drop the tiles below to arrange them in your prefered order of most concerning risk (#1) to least concerning risk (#6). Then press "Submit Rankings" to see the summary results.

1
Golf Carts
2
Theft
3
Hospitality
4
Tournaments
5
Young Patrons
6
Weather