With those wise words of one of the 20th Century’s greatest philosophers* in mind, let’s cast a glance back over 2021’s GB Journal issues archive and see what items we think we’ll be seeing more of in 2022. We’ll depart from our usual four-part format a bit and look at the four issues we reported on repeatedly this year which we think will have legs and are likely to grace these pages again in 2022. Bear in mind, we offer no guarantees. As a child of the 40s and 50s, we are still looking for the flying cars, lunar colonies, and atomic-powered everything the media so confidently predicted for the 21st Century back when we all liked Ike.
*Groucho Marx, who else?
Still waiting for this one.
Managing the Human Factor Risks
A year ago, we started our look ahead for 2021 in part with the following:
In many ways, upgrading and updating our technology is the easiest part of the 2021 challenge. We are already going down that path. BUT—how well are we socializing our new techno-wonders, helping our people and our clients make the best, least frustrating use of our new tools? The user-technology interface is where so many great ideas crash and burn and then we wonder why productivity, customer satisfaction, and other key metrics aren’t perking up as expected.
Well color us prophetic. Our Journal has run thick with items about the risk–HR interface over the past year. We pointed out the looming bulk of the Great Resignation back when it was a mere pup and not yet the Wolf That Ate the Economy.
There is more coming. The Economist, a pretty well-informed rag, headlined a recent issue: “Why 2022 Will be the Year of the Worker”. Their thesis is straightforward. The changes that have roiled the world of work since COVID-19 loomed on the horizon have consequences. They include demands for better pay and working conditions, as well as a struggle to match personnel with rapidly changing company needs. Earlier this year, we told you about our Dutch friend who saw a crowd of school kids cycling off to class one morning in Amsterdam and realized that, as adults, half of them will be working in jobs that do not exist today.
We’ve been around the block a few times ourselves, having started back when punch cards were new technology, and a hand-held computer was a slide rule. We don’t recall a time when risk and HR needed to be more closely aligned than now*. Or when the efficacy of policies and premiums relied more on having the right people in the right places. We have amazing concepts for accommodating our post-COVID-19 workforce with mixed-model staffing and supplementing people with AI-based systems to enhance productivity and relieve tedium.** But in every case, execution will be king, and execution means people.
Need a refresher on how to integrate risk and personnel management? Risk and HR are often in different reporting verticals, so working together may not always be obvious. We like a neat, brief overview written a couple of years ago by Bernard L. Erven, a professor of Agricultural, Environmental and Development Economics at Ohio State University. An ag-economist, you say? Well, yes, because Prof. Erven writes for the people in the ag industry who prefer to consume information straight, fast, and without frills***. Some of the risk examples involve things you probably won’t face in your company, but the essence of the human resource–risk management interface is the same whether you deal in semiconductors or cows.
Let’s give professor Erven the last word here:
Like risk, human resources are pervasive in the business. Human resource management is most effective when integrated with decision making throughout the business. This leads to recognition that each production, financial, and marketing decision has a human component or influence.
*A good example of an especially critical industry going through several different crises simultaneously is health care. We can’t think of a tougher risk management gig for 2022.
**A very wise professor (yes, at Stanford, of course) once told me that your future may well depend on which of the following statements you find less credible: (a) I’m from the government and I’m here to help you, or (b) don’t worry, that happens automatically. If you are a risk professional, you don’t have to ponder your selection.
***Once upon a time, we ran a large ag insurance agency. No insurance purchasers are more to the point than growers.
Cyber, Cyber Little Star*
Our first issue of 2021 also included this raw slice of human drama:
A hacker in China was trying to pirate our Netflix account and move it to a user located in (no kidding) Giza, Egypt. We put the stoppers on this, tracked down the hacker and sent him a not-very-nice note in Mandarin**. Whether you are at work or at home, hackers are lurking, looking for a way in. The difference between prudence and paranoia gets smaller every day.
The prudence–paranoia gap has continued to shrink, and we expect to run many more items about cyber risks in the coming year.
A quick tour of the Googleverse shows a plethora of new cyber risk reports, articles, software, and services on the market, along with dire predictions for the coming year. A new Deloitte report begins with, “Technology continues to become more omnipresent with an ever-increasing attack surface and attackers are combining creativity with pragmatism to break into IT systems.” Feeling better now? (And what about that phrase “attack surface”? How many of those do you have?)
On the other hand, we have recently seen a new willingness of governments to go after hackers and even arrest them. Try this lead from The Hacker News*** right after Thanksgiving: “A joint four-month operation coordinated by Interpol, the international criminal police organization, has culminated in the arrests of more than 1,000 cybercriminals and the recovery of $27 million in illicit proceeds.” It’s been a long time coming, but we are beginning to see serious inroads by law enforcement into ransomware, sabotage, and other seriously antisocial aspects of hacking.
Want to dive deeper? Let us recommend a very comprehensive overview of trends in hacking and cybercrime—“16 Latest Cybercrime Trends & Predictions for 2021/2022 and Beyond” from FinancesOnline. This summary covers the latest in everything from pandemic-related phishing to RDP (Remote Desktop Protocol) attacks. We can’t think of anything in here that you don’t need to know about—or know that your IT security people are up to snuff on the same topics.
My old Swedish grandfather told me that all honeypots draw flies, and big honeypots draw lots of flies. Nice big juicy data files and attendant systems are the honeypots of the 21st century. The flies aren’t going away, but we now see signs that we are entering a new era of effective cyber law enforcement where cyber risk may become more closely analogous to familiar retail crime exposures and thus more governable. As one of our favorite philosophers of cyber thought**** put it: “Technology trust is a good thing, but control is a better one.”
*How we hack you from afar.
**The email address I tracked the incursion back to is used almost exclusively by hackers based in China. Local and Russian hackers use different systems.
***Yes, this is a real publication. See also InfoSecurity Magazine for another window into cyber risk and loss engineering. What does the fact that we have a whole rack of magazines on hacking and cyber threats nowadays tell you?
****Stephane Nappo, Global Head of the Information Security for Societe Generale International Banking.
Well, maybe we should keep a few hackers around for emergencies.
The Constant Clank of Broken Supply Chains
Last February we noted that chess sets were becoming as hard to find as toilet paper a few months earlier. That was just “one more example of the crazy twists and turns—and unexpected risks—that we see nowadays in all our supply chains.” Since then, we’ve had a number of opportunities to write about supply chain risks and how the whole definition of supply optimization seems to be shifting as we watch.
A good example of our new view is shown below—a real-time screen capture from www.marinetraffic.com showing the status of all of the ships waiting at the ports of Los Angeles and Long Beach. Those green things in the harbor are not bunches of Thompson grapes, they are bunches of ships waiting to unload.
Have we ever been more exquisitely aware of container ships riding at anchor*? As we noted recently, supply chain costs must now be carefully risk adjusted. Who knew a couple of years ago that per container shipping costs could go up 400–500% during your coffee break? What does this portend for our internal transportation vertical? We see stories in the press about the trucking industry recruiting students and grannies to fill their need for drivers. When it comes to hauling stuff, the definition of “risk” seems to be expanding as we watch.
What do we see for 2022? One oracle we have consulted is the new report, 2022 Trends in Supply Chain Management, published by Flat World Global Solutions. No guarantees that these folks or anyone else have the best possible handle on reading the 2022 tea leaves, but their list of topics, such as resiliency, visibility, capacity, and timeliness is a good tool to consult in evaluating your own supply risks. Will minimizing delay and disruption risks trump penny per unit cost savings? Will re-homing begin to offset more than three decades of aggressive offshoring? Alas, the experts disagree.
Our own observation is that managing supply chain risk looks a lot like managing the climate-related risks discussed below. The most pressing factors are probably local and industry specific. Complex events have always created winners and losers, but often the winners had certain traits in common:
- They eagerly embraced new ideas and technologies that addressed changing conditions.
- They understood how changes were impacting their markets and kept very close to their customers, looking through their eyes as well.
- They aggressively sought out new categories of customers.
- They made common cause with their best suppliers.
- They understood the value of control as part of resiliency.
- They had a clear vision of when to put sacred cows on the menu.
*Only part of the equation, of course. The same maps of Shenzhen, Shanghai, Ningbo-Zhoushan, etc. look even worse this morning.
So How Do You Start a Flood?
In our January 21, 2021, issue we offered a round-up of the weather-related cat losses for 2020. We quoted the redoubtable Washington Post: “The year 2020 will go down in the history books as one riddled with a record number of billion-dollar disasters.” Climate change has continued to make life interesting, and we have featured weather and other natural disasters frequently in the last year. We have also suggested that it might be time to begin taking a broader view of such things as flood risks, to look beyond your own physical facilities to the hazards threatening the surrounding communities, and see how broader events may impinge on normal commercial activities in your extended customer–supplier ecosystem.
What are the actual large-scale trends? The incident costs of natural disasters keep increasing worldwide due to all sorts of factors—inflation, more development in marginal lands, and the increasing complexity of daily and commercial activity*. Let’s take a look:
The chart only runs through 2019, but the accounts we have read thus far indicate that 2020 had a slightly higher incidence, especially of flood events.
Now, let’s look at costs:
Costs appear to be following a similar recent curve**. Again, both 2019 and 2020 are missing and we know that they represent a tick up from the previous few years. What we see is that both the incidence and cost of natural disasters are on a long-term uptrend, especially over the last two decades. But we are not looking (so far) at the proverbial “hockey stick” upward jog anticipated under some climate change models. Earthquakes aside (see note), we seem to be looking at a long, gradual increase in weather events in terms of both frequency and severity.
On the other hand, as we pointed out in a recent issue, weather risks are NOT distributed evenly. Here’s a nicely illustrated travel itinerary: “These incredible places could be underwater in 30 years”. Some may surprise you. One area listed is East Anglia in the UK. Much of the land has already been swallowed by the North Sea. The locals were petitioning Queen Elizabeth I for help as their towns sank under the waves 400 years ago. Spoiler: the towns are still sinking, and the people are still asking for help today. Good old USA Today just published a very informative pair of articles***(subscribers only) looking at the local divergences in severe weather across the US. Climate change may be the foremost example of the saying, “think global but act local.”
We expect more items about crazy weather in these pages in 2022 and beyond—and more ideas about how to manage these increasingly complex and subtle risks. While we ponder new ideas about parametric flood policies and new styles of cat bonds, keep in mind the words of the French philosopher, Voltaire: “Men argue. Nature acts.” Or les hommes argumentent, la nature agit, if you want to sound learned.
*Does a flood, say, get your abacus and blackboard wet or wipe out your new server farm? There is a long-term trend for more expensive, high-tech stuff to be at risk in a given location over time.
**That obvious spike in 2011, you ask? The Tohoku and Chilean earthquakes top the list of a superactive year for earth movements, pegged at $230.3B in total earthquake damage. Not, so far as we know, a climate issue.
***”Our warming climate is having a dramatic impact on precipitation. What does the data tell us about your state?” (11/30/21) and “How a summer of extreme weather reveals a stunning shift in the way rain falls in America” (12/01/21)
A bad day in Atlantis? No — business as usual in Miami.
Say It Isn't So...
Coming of age is a big deal for children turning into men and women and we have a deep culture of rituals and literature to celebrate this change in life’s narrative. Does this apply to industries in some way? Well, we think it might. In our view, an industry comes of age when it has its first major product recall, hence our attention to the following:
Michigan licensing officials late on Nov. 17 issued what is likely the largest marijuana recall in the state ever, since the commercial market opened in December 2019.
Well, look at Mary Jane now—all grown up and struggling with the same risks as other mature lines of business. The bulletin from the Michigan Marijuana Regulatory Agency is shy on details, but those who purchased any of the designated lots in question (“SC-000009, AU-SC-000113 and SC-000014, AU-SC-000103") are requested to turn in remaining product for proper disposal. Perhaps they are planning to burn the recalled stash? Sounds awkward.
Words to Remember
Scientists differ on the dating, but somewhere around 20,000 years ago, a group of aborigines made the Wurdi Youang stone oval not far from what is now the town of Little River, Victoria, in Australia. About 24,000 years ago, a Paleolithic hunter in southern France carefully incised a good part of a lunar calendar on a reindeer rib. Opposite sides of the world, but we suspect both of our early calendar makers who lived on the edge of dreamtime would agree with our final thought for the year:
Every story has an ending,
But in life
Every ending is a new beginning.
2022 will not be 2021. That’s not a threat but a promise.
Wurdi Youang—the first calendar?