Threatcasting: how to build resilience in unpredictable times
Believe you can’t predict the future? Think again. Banks, businesses and even the US military are turning to innovative ways of forecasting future risks in order to build resilience
When you think of building resilience to threats your organisation might face, you might not think of turning to fiction to provide the answer.
The Threatcasting Lab at Arizona State University (ASU) is tackling scepticism around the usefulness of literature through its pioneering application of sci-fi thinking to business and security issues.
Created by futurist Professor Brian Johnson at ASU, threatcasting is an offshoot of futurecasting and scenario planning that came about when he was attempting to understand how innovative technologies, such as new AI models, could create potential risks and impact the lives of people in the future.
Finding traditional methods too prescriptive and short term, Johnson developed threatcasting in order to take into account wider factors and human responses to unusual circumstances. The method adopts elements of narrative and develops science-fiction prototypes in order to predict risks as far as 10 years into the future.
‘Threatcasting can predict risks as far as ten years into the future…’
Threatcasting allows organisations to pool their collective knowledge, create multiple possible scenarios and form narratives that deepen the understanding around a possible threat. Companies can then utilise this insight and develop frameworks for disrupting threats, making their organisations more resilient and safer in the long run.
Who’s adopting threatcasting?
Still feeling sceptical? Well, that’s unsurprising, but since its conception in 2007 threatcasting has been adopted by the American military, the federal US Government, financial organisations and international businesses in order to better understand where the risks in their working practices lie.
In conjunction with Cisco Hyper Innovation Living Labs, ASU has even used threatcasting to predict different scenarios about the future of work and workplaces, analysing what positive developments could lie ahead and what potential pitfalls could create disharmony and danger in our future workspaces.
Mastercard and Bank of America are getting in on the action, with Mastercard hosting a threatcasting workshop for financial institutions in Dublin this year. Mastercard also declares that this is no one-time thing – the company intends to continue to use threatcasting as part of its security ecosystem and therefore better understand threats to data security, payment systems, cyber attacks and even the dangers of online misinformation.
‘Mastercard intends to continue to use threatcasting as part of its security ecosystem …’
Threatcasting in practice
But what does this mean for other, smaller organisations?
Well, you may not know it but you already make predictions into the future all the time. As David Johnson points out in an podcast with Gartner, a business plan is already an act of science fiction, a prediction into the future based on the information you currently have. So, the jump to threatcasting is not as big as you might expect.
‘A business plan is already an act of science fiction…’
Even the idea of a ‘threat’ does not have to be dramatic, a threat could be a change in the market, an increase in political insecurity, the utilisation of your current technology in a new context, even the potential difficulties brought about by a poor HR system. All of these factors have the ability to knock a company off course in a drastic way, whilst also not being outside of the realm of possibility in the current economic and financial landscape.
Mitigating negative effects
Whilst threatcasting isn’t a crystal ball that offers a concrete view of the future, it is still a tool with which we can help to predict and mitigate the effects of previously unforeseen influences and which aids thinking about how unnoticed factors could turn the corporate workplace upside-down.
More companies have seen the benefit of building in resilience in recent years and threatcasting has the potential to go mainstream with an increasing number of organisations using these strategies to develop resilience and rethink their business strategies and cyber security policies.
With the number of cyber attacks growing year-on-year, companies need to think about their security and their exposure to threats more seriously, this need only increases as companies continue to rapidly adopt high-tech solutions such as cloud services and artificial intelligence in their workplaces.
Like Mastercard, more companies will utilise threatcasting to develop their understanding of their own vulnerabilities and to solve problems before they begin to have a negative impact.