Year in review: Key trends in critical event management

Physical and cyber security

Several key developments marked significant milestones in the integration of physical and cyber security in the past year. The United States Department of Homeland Security introduced a comprehensive cybersecurity framework, placing a strong emphasis on merging the worlds of physical and digital security. This strategic move aimed to safeguard both online and offline assets effectively. Simultaneously, within the private sector, prominent enterprises escalated their investments in AI-powered surveillance systems. These cutting-edge systems not only excelled at detecting physical breaches but also exhibited the ability to identify cyber threats, offering a holistic and all-encompassing security solution.

Lessons learned:

• Exploration of cybersecurity vulnerabilities: In 2023, a surge in cyberattacks exposed vulnerabilities across various sectors. Notable data breaches and ransomware incidents underscored the importance of proactive and adaptable cybersecurity measures.
• Critical infrastructure under siege: There was a substantial uptick in attacks on critical infrastructure, including power grids, water supply systems, and transportation networks. These incidents highlighted the vulnerability of such systems to cyber threats, necessitating urgent security enhancements.
• Role of AI and machine learning in security: Artificial intelligence and machine learning assumed a central role in threat detection and response. Cybersecurity solutions increasingly harnessed these technologies to analyze extensive data, detect anomalies, and automate incident response, leading to quicker and more precise threat identification and mitigation.
• Elevated emphasis on supply chain security: Recognizing the potential risks posed by supply chain vulnerabilities, organizations elevated their focus on supply chain security as a top priority.

Risk intelligence and geopolitical tensions

The year was marked by significant geopolitical tensions, open hostilities, and a strategic surprise with the Oct 7 Hamas attack on targets in Israel. A global environment with this level of dynamism underscores the critical role of risk intelligence in supporting the decision-making and sense-making of global enterprises.

Despite concerns over inflation and and economic downturn, many multinational companies continued to invest in the size and capability of their risk intelligence teams to include the leveraging of generative AI, exploitation of new sources, and adding new partners into their tech stack.  

Lessons learned:

• Geopolitical uncertainty: The world experienced a surge in geopolitical tensions, particularly in regions such as Israel, the Middle East, Eastern Europe, and the South China Sea, making real-time risk intelligence more essential than ever.
• Climate change impact: Climate change was a significant risk factor, with severe weather events disrupting supply chains and exacerbating geopolitical tensions.
• Advanced analytics: Risk intelligence firms developed more sophisticated analytical tools, enabling better predictions of geopolitical events and their impact on businesses and governments.

Climate-fueled severe weather

“Persistent climate change trends, with their escalating impact on severe weather events, have pushed climate change mitigation to the forefront of critical event management, underscoring the paramount importance of disaster preparedness.

In the public sector, the National Oceanic and Atmospheric Administration (NOAA) harnessed advanced climate modeling and early warning systems to issue remarkably accurate forecasts for extreme weather events. These forecasts facilitated efficient evacuation plans and substantially reduced the loss of life during hurricanes and floods.

In the corporate sphere, retail giants responded with strategic investments in resilient infrastructure and diversification of supply chains to adapt to climate change impacts. For example, a prominent retail corporation integrated climate data into its risk assessment, prompting timely relocations of distribution centers away from flood-prone areas.

Lessons learned:

• AI-driven disaster response: Governments employed AI to improve their response to natural disasters. For example, machine learning algorithms were used to predict flood patterns and allocate resources effectively.
• Infrastructure resilience: Severe weather in 2023 led to heightened investments in infrastructure resilience. A notable example was the reconstruction of coastal areas with more resilient designs, better prepared to withstand storms.
• Insurance industry evolution: The insurance sector adapted to the changing landscape by developing innovative policies that considered climate change risks, ensuring better coverage for property and businesses in high-risk areas.

Travel risk management and employee duty of care

Travel risk management took on new dimensions in 2023. TRM evolved to encompass broader safety and well-being concerns, emphasizing the duty of care towards all employees regardless of their work location.

Diplomatic missions took proactive steps to enhance support for expatriates and embassy personnel abroad, introducing real-time tracking systems to monitor their movements. This measure was particularly crucial in response to civil unrest or natural disasters, enabling swift responses to ensure the safety of citizens. Likewise, corporations embraced a comprehensive approach to employee well-being during travel, leveraging advanced data analytics to monitor their workforce’s health and safety. This extended not only to health guidelines amid the ongoing pandemic but also included safety precautions and the provision of psychological support.

Lessons learned:

• Health and safety: Travel risk management incorporated and amplified the significance of health concerns, such as pandemics, as a key factor in risk assessments.
• Data-driven decision making: Advanced data analytics and monitoring tools helped travelers and organizations make real-time decisions based on up-to-the-minute information.
• Duty of care: The concept of “duty of care” gained importance as organizations were increasingly held accountable for their employees’ safety while traveling or working from a non-traditional location.

Early warning systems

In 2023, early warning systems, whether designed for natural disasters, cybersecurity threats, or geopolitical events, witnessed notable enhancements and expansions.

These systems became increasingly interconnected, bolstering their efficiency and adaptability to address intricate, hybrid threats. Nations took a more collaborative approach to early warning systems, forging unified responses to combat hybrid threats. For instance, a noteworthy collaborative effort involved countering a cyberattack on critical infrastructure by deploying a combination of cyber experts and security forces.

Furthermore, large enterprises harnessed the power of AI-enhanced early warning systems to anticipate and manage cyberattacks and geopolitical crises, especially those with cyber components. This proactive approach aimed to safeguard sensitive data and valuable assets.

Lessons learned:

• Global collaboration: International cooperation and data sharing strengthened early warning systems, helping communities and organizations better prepare for crises.
• AI-powered alerts: AI-driven early warning systems became more accurate, enabling quicker responses to emerging threats.
• Hybrid threats: Early warning systems began to address hybrid threats, which involve a combination of physical and cyber threats or geopolitical and climate-related risks.

Looking ahead: Predictions and trends in critical event management

As we step into 2024, our outlook identifies eight significant trends that will persistently influence critical event management:

Holistic approach: Organizations and governments will adopt a more holistic approach to critical event management, addressing physical, cyber, and environmental risks in an integrated manner.

AI and automation: The use of AI and automation will continue to expand, enabling more effective threat detection and response in both the physical and cyber domains. Organizations will invest in AI-driven solutions to detect and respond to risks in real-time, improving overall security postures.

Continued climate focus: Climate change mitigation and adaptation will remain central in risk assessments and resilience planning.

Ransomware resilience: Organizations will prioritize ransomware resilience by implementing robust backup and recovery strategies. The focus will shift towards data protection and ensuring business continuity in the face of ransomware attacks.

Supply chain security: With the increasing reliance on global supply chains, 2024 will see a greater emphasis on supply chain security. Organizations will conduct thorough risk assessments and audits to identify and mitigate vulnerabilities within their supply chains.

Resilience as a priority: Resilience planning will become a primary focus, with increased investments in infrastructure and strategies to mitigate the impacts of climate change and geopolitical tensions.

Regulatory compliance: Governments and regulatory bodies will introduce stricter data protection and cybersecurity regulations, emphasizing compliance and accountability. Organizations will need to adapt to these evolving legal landscapes.

Enhanced early warning systems: Early warning systems will continue to improve, leveraging cutting-edge technologies and global cooperation to provide more reliable alerts.

About the author

Eric Boger has nearly 20 years of experience in the fields of intelligence analysis, physical security, data analytics, business resiliency, and risk management for both government and private sector clients. At Everbridge, Eric is part of the risk intelligence leadership team – guiding the mission of the 24x7x365 Risk Intelligence Monitoring Center and Geographic Information Systems teams. 

Prior to joining Everbridge, Eric was Vice President of Commercial Intelligence Services for PlanetRisk and VP of Global Intelligence at WorldAware (formally iJET). Early in his career, Eric was an Open Source Intelligence Analyst supporting US National Security initiatives, with the Horn of Africa being his primary area of responsibility.