Artwork for podcast Attributive Security
#13 Blindsided by an Unknown Unknown
Episode 138th November 2021 • Attributive Security • Martin Hopkins, Maurice Smit
00:00:00 00:36:30

Share Episode

Shownotes

With hindsight, declaring a risk an unknown unknown is often no more than an admission of a lack of foresight, a lack of imagination. How many risks that are actually realised were really inconceivable in advance? Risk identification is a process that is resource constrained, and reasonably so. But with more time, more perspectives, more insights, more intelligence the chances are you'd have identified the risk. Perhaps to do so would have not been cost effective; or you may have decided to limit analysis and not successfully managed an outlier risk. But to declare it an unknown unknown (after the fact) is rejecting an opportunity to learn. Is it not fatalistic to shrug one's shoulders and say "How could I have known"?

In this episode we discuss Unknown Unknowns, along with their bedfellows Known Knowns, Known Unknowns and Unknown Knowns, and their place in the identification and management of business risks.

Links