Editorial: Support from an unexpected ally
Editorial: Support from an unexpected ally
Writing in the Financial Times last month, the former chairman of the US Federal Reserve, Alan Greenspan, said that “risk management can never reach perfection. It will eventually fail and a disturbing reality will be laid bare, prompting an unexpected and sharp discontinuous response.”

This widely respected economist was writing about the current turmoil in the financial markets, but his words have value for those working in information security. The article was a breath of fresh air for anyone watching events unfold over the past few months and noted the hubris and wild speculation as to how the uncertainty will pan out – much of it by those with little or no expertise in economics or business. In other words: politicians.

At the same time, many equally biased and misinformed commentators are happy to pin blame on whoever it suits them politically rather than assessing what really happened and what might happen next. If they did, however, they may find at least that much of what is happening now was caused by a human failure to heed the warnings of the tools expressly built to stop it happening in the first place.

Greenspan admits that the most sophisticated risk modelling software in the world has, on this occasion, seemingly failed the financial markets. He points out that most models are based in the real world, but that the perfect risk assessment system would be able to determine just when the markets were about to enter a period of uncertainty and fear.

“If we could adequately model each phase of the cycle separately and divine the signals that tell us when the shift in regimes is about to occur, risk management systems would be improved significantly.” he says.

Indeed they would, but while we wait for that to become technically possible, the more pertinent question is whether it is even necessary if business leaders and those charged with monitoring fluidity (the risk managers) used some software of the more organic kind – their brains.

Greenspan's point was that if the banks and funds had used some common sense in the period of expansion and growth then we might not be facing the problems we do now, when we failed to act on the warnings of a period of recession.

Through the froth of the last decade, the fear of being left out of short-term reward meant too many ignored the consequences of failure – the risk – if market conditions turned. It was people that chose to ignore this – not machines or software.

What's true of the markets is true of any risk model, including the one that assesses what happens to you if your business is attacked. Compared to modelling the variables involved in modern financial derivatives, assessing the threat to your business and how far you can risk them happening looks relatively easy.

The ironic message of the Greenspan assessment, for you, is that the failure of risk modelling in the financial sector in the past decade may lead to tougher market conditions in all sectors. The tougher those conditions become, the better your risk models need to be – and the greater the need to act upon them.  
Paul Fisher is editor of SC Magazine