The tragic bombing and shooting in Oslo on the same day will be used as a case study for many reasons, not least our exposure to the random element, the individual acting alone and off the grid. His intentions and background notwithstanding, one of the significant lessons for government, corporations and others is that of the effect of simultaneity.
Simultaneity – the conduct of a series of operations or activities simultaneously – in terrorist operations creates fear disproportionate to the effect of the operation itself. 9/11 and 7/7 (the bombings in London) are two examples of the effect of simultaneity; the attempted simultaneous bombings of a number of trans-Atlantic flights would have reinforced the suspicion surrounding Al-Qaeda’s operational reach and technical capability. Operating in a much more open environment, terrorists are able to plan not only the operation, but also, simultaneous attacks.
The combination of attacks to occur at the same time or in close succession mean that often targets have a very short time period in which to identify threats and take measures to defend against or defeat them.
I have mentioned isomorphism – the idea that the same effect can be achieved by a breadth of different faults or events – and it means that businesses and government must have responses to all effects planned and ready to enact regardless of the cause. The importance of understanding simultaneity is to understand that if a negative event happens elsewhere within a common geography (even if that’s the US, Europe, etc), industry or vulnerability, that MUST prompt an escalation in preparedness.
While an active shooter is likely to prompt more active shooter events, at least there is a time-lag from the “inspiration” event to the “follower” event. With a series of planned attacks, there is not that luxury. Therefore, both government and businesses must be aware of events as they happen, and be able to implement measures to manage negative events immediately. This comes with appropriate planning and co-ordination – it is no use complaining after the event that “if only we’d been prepared.” Preparation must happen now.
The benefits of pro-active preparation of business continuity and threat management measures are that the audit and preparation process often identifies both weaknesses and opportunities that the company hasn’t previously identified; the process is as much investment as a cost center. Companies must identify their weaknesses, be prepared to manage the threats and seize the opportunities, and then actively monitor their environment in order to act quickly when necessary.