Natural disasters are increasingly becoming one of the key crisis events businesses must prepare for, due to their high potential for driving compounding impacts across value chains.
The recent calamities caused by storms and hurricanes in the US and Europe highlight the urgency of climate related risks to organizations: Storm Boris caused significant disruption across Central and Eastern Europe in mid-September, and the U.S. has just been hit by Hurricanes Helen and Milton, destroying not just coastal areas but mountain towns like Asheville – a community some 500 miles from where the storm made landfall.
As these recent events illustrate, preparing for and responding to an emerging new normal of climactic impacts is essential for business survival. And this holds true not only for natural disasters, but any major disruption event. Whether an organization is faced with a climate-related business disruption, or an impending crisis to customer relationships, it is often the reaction that determines the future.
For security leaders, incident response management is not just about handling the immediate fallout from an incident. It also encompasses planning, detection, response, investigation, and recovery. These steps hold true from anything from a natural disaster to a physical threat, or even a security vulnerability.
So, what are the fundamentals to ensure that teams are well-prepared for any potential disruption? We’ve captured five key things to drive an effective crisis management strategy:
1. Conduct a Thorough Risk Assessment and Identify Potential Crises
The first step in a crisis response, and ideally prior to a risk materializing, is clearly identifying the risks your organization faces.
Whether your critical assets include a head office or a high-value facility, identifying your vulnerabilities and understanding which potential incidents should be prioritized – such as natural disasters, intrusions, or even terrorist attacks – is the foundation of any response plan. Identification drives ownership and decision-making, and helps allocate resources more efficiently and effectively.
An effective risk assessment includes identifying potential threats, assessing vulnerabilities, and evaluating the potential impact on your business operations, customer trust, and financial standing. By focusing on the most likely and damaging scenarios, security teams can move on to tailoring the response plan to ensure preparedness in all critical areas.
2. Create an Actionable Crisis Response Plan
Once teams have gained a comprehensive overview of the risk landscape, it is crucial to develop a robust crisis response plan that covers all bases.
A good plan is not just a checklist. Rather, it’s a living document that grows with your organization and the changing threat landscape. To ensure plans are robust, each should include at a minimum:
Clear roles and responsibilities: Clarification for every team member of their roles and responsibilities in an emergency situation. From managing communications to securing perimeters, clearly defined responsibilities reduce confusion and increase effectiveness.
Incident response phases: Whether the plan involves detecting a threat or coordinating recovery efforts, a robust crisis management plan should outline each phase, including detection, analysis, containment, eradication, and recovery.
Communication protocols: In any emergency, staying connected is crucial. Teams need to develop clear communication lines for internal stakeholders, and integrate with external partners such as emergency services.
Operational continuity and workforce protection: Effective crisis response plans must always center around protecting employee output. In short, ensuring that they can work safely, either remotely or with safe transportation options during emergencies.
To be prepared, leaders need to prioritize planning for Business Continuity and Resilience in order to ensure that critical operations can survive even during disruptions and recover quickly thereafter – and break down management silos in the process. Best practice always dictates that cross-functional collaboration across departments is essential, from identifying options to setup backup power to establishing remote work options to reduce downtime.
3. Training and Regular Drills
After establishing a plan, regular training and drills are a fundamental, and regularly overlooked, component of a crisis preparedness.
The key to minimizing the impact of any incident is ensuring that your team is aware of and comfortable with following the established protocols. Effective emergency training covers all the components included in the incident management plan, from detection to recovery. However there is no one-size fits all approach, and leaders should adapt their training methods depending on the availability and capacity of their teams:
Tabletop exercises are great for running through possible crisis scenarios in a low-pressure environment. In addition, they provide teams the opportunity to discuss their responses and identify any weaknesses.
Full-scale drills place key teams through real-world simulations to identify bottlenecks, improve communication, and test decision-making under pressure.
Cross-training takes stress testing your protocols even further. In a real crisis, key employees may be unavailable – so training staff to take on multiple roles in unexpected situations is a crucial stress test of operational and business continuity procedures.
4. Leverage Technology to Facilitate a Rapid Response
Advanced platforms can be a game-changer when it comes to supporting effective incident detection and response procedures. Whether your company is faced with physically damaging events or digital threats materializing, leveraging modern tools allows teams to coordinate efforts quickly and efficiently. Relevant technological instruments include:
Automated Access Control Systems: Surveillance systems and intrusion detection tools can help your team identify unusual or suspicious behavior in real-time, providing an early warning before an incident escalates. Taking this one step further, modern access systems can lock down or isolate sections of a facility allow for better incident management, helping to prevent unauthorized access during any unexpected event.
Mass notification systems: Keeping teams up to date is often make or break in a crisis scenario, in particular when business-as-usual systems such as Microsoft Teams are unavailable. From informing employees, contractors, and visitors of an event quickly and effectively, to distributing crisis tasks with inbuilt redundancies, platforms such as Human Risks’ Mass Comms Module are vital – ensuring that everyone is aware of the situation and understands the designated next steps.
5. Post-Incident Reviews and Continuous Improvement
Once the immediate crisis has passed, the management process is not over.
Conducting a post-incident review is critical for learning from experience, capturing the strengths and weaknesses of existing systems, and enhance them accordingly in light of future events. Post incident analysis is often the most important part of a crisis response, and equally the most overlooked. At a minimum, teams should be guided through a process covering the following:
Hot debriefing: Gathering direct input from all team members involved in the response to assess the effectiveness of the protocols before key insights are lost. Hot debriefing should be focused on identifying gaps as well as response elements that worked well, and is crucial to building up the adaptability of an organization’s crisis response.
Root cause analysis: Conducting an in-depth investigation of root causes and materialized impacts from an incident on the organization is a time consuming but important step to informing future business impact anlaysis. Identifying vulnerabilities which lead to control features and collecting post-incident evidence is one of the most effective strategies for leaders to strengthen defenses and resilience.
Adapting the plan: A flexible plan is crucial to crisis management. Continuous improvement based on lessons learned from each incident is crucial to maintaining an effective response strategy. And as auditors can attest – if a plan doesn’t evolve after a crisis event, opportunities to learn and adapt have been lost.
Effective crisis response and incident management capabilities are crucial components of a robust security posture. By ensuring teams are well equipped and understand the key components of a best practice incident response, security leaders can protect people, assets, and the organization’s reputation more effectively.
Above all, continuous improvement and adaptation to new threats will keep your crisis response plan ready for any crisis events that will come next. Staying prepared isn’t just a box-ticking exercise – it’s what keeps organizations going and ready to face future challenges.
About Us: Human Risks
The Human Risks platform provides security teams with all the elements needed to build up an effective crisis management plan, from conducting risk assessments, to designing trainings and post-incidents reviews. Our tools are centered around people – to help build awareness, drive an effective risk culture and reinforce organizational resilience.
Reach out to the team for a demo – and subscribe for future updates to learn more about how we’re working with organisations to make security risk management smarter.
