Bounding your system risk by retaining alternative completion methods

Stephen Bounds — Fri, 31/05/2013 - 06:10

From ACM Queue, via RISKS Digest, an essential quote from Dan Geer on the risk of relying on the Internet for critical infrastructure:

Risk is a consequence of dependence. Because of shared dependence,
aggregate societal dependence on the Internet is not estimable. If
dependencies are not estimable, then they will be underestimated. If they
are underestimated, then they will not be made secure over the long run,
only over the short. As the risks become increasingly unlikely to appear,
the interval between events will grow longer. As the latency between
events grows, the assumption that safety has been achieved will also grow,
thus fueling increased dependence in what is now a positive feedback
loop. Accommodating rejectionists preserves alternative, less complex,
more durable means and therefore bounds dependence. Bounding dependence is
the core of rational risk management.

There is a lot to unpack, but the core of the idea is: Allowing people to complete processes differently than your preferred approach (eg submitting forms on paper rather than online) improves your system resilience, and correspondingly decreases your risk of irrecoverable failure.

This is another great way of thinking about the robustness vs resilience tradeoff.

Did you know...

Our expertise in complex systems analysis, combined with a deep understanding of technology and modern, agile management and leadership techniques makes knowquestion uniquely positioned to find strategic solutions to your tough problems. Contact us today.

»

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <small> <blockquote> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <br>
  • Lines and paragraphs break automatically.

More information about formatting options