31 May, 2010
Black and White Swans, A Glimpse at the Future
Nassim Nicholas Taleb created a mini-industry when he wrote his book coining the phrase ‘Black Swan Event.’ But as so often happens, the term has been used in a broad variety of ways above and beyond its intent, and particularly has been used to justify inaction in the face of events that are merely ‘unexpected’.
A ‘black swan’ is not merely unexpected; going back to the 16th century origin of the concept, there was a time in which all swans were believed to be white, and this belief held true until the first black swan was sighted. The black swan was not simply unexpected, it was in fact completely contradictory to the common wisdom of the day. As Taleb puts it, "nothing in the past can convincingly point to its possibility."
This is ultimately the challenge that Black Swan Events present - the difficulty of predicting that which has not occurred before. This is also why Black Swan Events have an extreme impact, as it would be an extremely risk averse organisation (and arguably also an organisation very inefficient at allocating capital) that would invest heavily in preparation for an event that there is no real reason to believe will eventuate.
In a presentation delivered to ISACA in late 2009, titled “The Global Financial Crisis – It’s Your Fault”, I looked at some potential ‘black swan’ type events that we could see in the information security industry, that would change the way we currently operate. Arguably, we are not looking for true Black Swans, but rather, are looking for indications that we have overlooked or are ignoring evidence that indicates certain events are in fact possible.
Over the next couple of weeks, I will look at some potential information security Black Swans in more detail, and consider whether they are in fact contradictory to our current way of operating, or whether they’re just 'unlikely'. And if simply 'unlikely', just how unlikely are they?
This article is tagged in these categories
Management,
Risk,
Strategy,
Innovation