Responding to Civil Unrest & Incursions

Jet Fighter Ukraine Defense

Russia and Ukraine conflict

Responding to civil unrest & incursions is a growing risk globally. Verisk Maplecroft, a global risk and strategic firm out of Bath, England, identified in 2020 that according to their Civil Unrest Index Projections, 75 countries will likely experience an increase in protests by late 2022. The conflict in Ukraine has escalated, with their resistance to Russia greater than anticipated. 

For many risk professionals, the outbreak of war was not top of mind. However, incidents of unrest have been steady globally over the past few years. These threats are primarily related to pandemic protests, social justice, climate change, and political tensions. In this environment, concerns for invasion or attack are not unrealistic. As resilience professionals, the expectation is that our response processes and organization be nimble to perceived, identified, or unexpected threats.  

Employee Duty to Care

Employee care & concern

When identifying risk or crisis, the business should activate its emergency response plans and immediately assess the situation. Typically, an assessment team gathers to share knowledge of the current state then determines critical actions. The team may commence planning additional near or longer-term activities. The foremost consideration is for employees’ security and safety.

Additionally, the initial emergency response team is working to mitigate any damage to the business. In some organizations, these team members are the same. However, in others, they feed data to the assessment team. The well-being of personnel is of primary concern. Next, response teams evaluate impacts on customers, vendors, contractors, and contacts in the supply chain. Your communications staff will assist with appropriate messaging to employees and continue to advise on distribution through the duration of the event. Consider that effective care and concern crisis communication leverages multiple channels to reach your audience(s).  

Operational Crisis Team

Operational risk assessment & response

Next, the team gathers to discuss the best way for responding to civil unrest & incursions. The team will determine the specific hazard type and utilize existing planning aligned with the hazard type. The plan gets activated, along with the corresponding crisis team. Throughout the event, connect with the business and stakeholders to track plan activation, understand operational impacts, and support response strategies.

Some of the best advice I can give to the uninitiated is to get comfortable with not knowing everything. Many organizations today thrive on copious amounts of data for decision-making. A crisis response by nature is often fast-paced, frantic, and demands conducting analysis semi-blind. By this, I mean to expect not to have enough data. Then, become comfortable with taking action with the information you have on hand. Don’t lead or participate in an incident response team if you can’t do that. 

Ukraine IT outsourcing

Vendor assessment & BC validation

It’s a good idea to communicate with vendors and the supply chain, getting a continuous pulse on continuity or concerns. In Preparing For Civil Unrest & Incursions, I suggested identifying any vendors in the area of impact. Today’s global economy highlights how interconnected we are, and reliance on off-shoring critical tasks is the norm for most industries. 

For example, Ukraine is a primary resource for outsourcing IT, specifically R&D efforts. Often not an immediate impact, an interruption to this type of workload will impact projects and new initiatives downstream. Disruptions can affect outcomes over the longer term and impact business objectives. A situation like this is just one example of why the crisis team will quickly identify vendors in the impact area. Then, respond to any strategy gaps to mitigate the effect on the company’s bottom line, including shifting work to other locations or a new vendor altogether. 

IT workarounds and cyber monitoring

Technology & cyber attacks

Assuming you aren’t living under a rock right now, the cyber implication of this invasion are evident. Russia attacked Ukraine’s digital infrastructure. Next, Ukraine calls on hacker underground to defend against Russia. Indeed, it’s a fantastic world when countries call on groups previously reviled to assist in virtual warfare. Now, concerns for Nato countries sparked a warning to Russia that the cyberattacks may invoke Article 5 for collective defense. 

From a response perspective, your cyber team jumps into action in this type of situation, responding as if the attack is on your business, even when it’s not. To be safe, your technology services personnel also activates its incident response, monitoring for abnormal activity and known potential threats. In short, your entire digital infrastructure actives against attacks and scans for downstream impacts to third parties. 

Crisis Response During Incursions

Response plasticity and efficiencies

Whether you call the current state of affairs a direct or perceived threat, it never hurts to lean on your crisis response apparatus. Most are activating teams even if the risk is low. Many may have an immediate danger due to the IT services relied upon by Ukrainians or proximity to the hot zone. To my mind, calling it a black swan or snow leopard is less critical than protecting the organization. 

Resilience demands that we work ahead of unplanned events to anticipate the unknowable. However, the profession expects to leverage horizon scanning, increased proactive intelligence, and agile response frameworks to lessen the damage. Cyber attacks are a top trending risk for 2022, and we see a version of the threat today. It is just not how many of us anticipated, expecting ransomware events. However, it is a good lesson on why I advocate flexibility as crucial. And, of course, the year is barely a quarter old. 

Please check out my next weblog on recovery tips for civil unrest & incursions. 

Disaster Empire
Scroll to Top