WeWork’s Michael Gladstone has a big mandate: As the company’s senior leader in charge of emergency management, his team plans for unexpected events, and rapidly responds during emergencies to keep WeWork’s thousands of employees and 527,000 members safe.
In a recent, hourlong webinar Rethinking Your Approach to Enterprise Risk Management, Michael outlined how his team uses relevant, early alerts from Dataminr to learn about emerging events and threats worldwide, giving them precious time to act to protect people’s lives, protect the company’s property and its brand reputation.
Here are three key questions and answers from that webinar.
Dataminr: Corporate risk is evolving, and in order for enterprises to ensure they are detecting and mitigating against risks appropriately, they must identify blind spots across the organization and take a unified approach to addressing those gaps. How do you unify different categories of risk across the organization, physical security, cybersecurity and brand awareness?
Michael: We're taking all those different risk categories and saying, ‘Okay, at the same time that there might be an information security risk, there can also be a physical security risk.
I think natural disasters are a great example of that, because it's possible, in a natural disaster, that all of your various risk groups--business continuity, disaster recovery, information security, physical security, risk management, emergency management, crisis management and public affairs crisis management-- are all going to be impacted at the same time.
How we unify that is to make sure that there is a free flow of information going as high up as possible on the chain, and as low down as possible, because you never want to silo the information.
Enterprise risk folks have a great wealth of information that they get. Don't silo it. You want to make sure that you're sharing. Unless it's very sensitive information, share all the data during a crisis as is allowed and possible. You want to make sure that everyone is working on the same information at the same time.
Dataminr: What is the ROI you look for when applying an emergency risk management plan to your organization?
Michael: So the ROI that we're looking for is not necessarily the amount of money that we save the enterprise, or that we successfully grew our quarterly earnings. That's not the risk manager's top priority.
Instead, it's not quantitative, it's more intangible. It's more about thinking, ‘Okay, if we prevented this particular crisis from being as bad as it could've been, maybe we've got more members who are coming back the next month, because they were happy with the lack of interruption to their business.’
It's often difficult in things like a natural disaster to see what you saved, or you didn't lose. So again, to me, risk management has an ROI that's not self-evident, if at all. It's very difficult sometimes to make that corollary. It's hard for non-risk management people to understand when we say, ‘We don't know the exact impact that this bit of technology or this plan will save us.’ It's very hard to quantify, and that's a challenge for a risk management team.
Dataminr: What is a bad day from a risk perspective?
Michael: I think on a bad day, three things can happen.
The first is that if there is some kind of a life safety issue that any part of the risk enterprise team could have prevented, that's a bad day. Doesn't matter what the risk is, if someone is injured or there's a fatality because of something that your team knew was a risk and wasn't proactive about, the negative ramifications of that could be immense.
I think another thing that comes to mind is if there is an impact to your brand that you knew was out there, and you didn't do anything about it because you said, ‘Well, maybe someone else is dealing with this,’ or, ‘That doesn't sound like it's going to really be a big thing,’ that's a bad day for risk management. Not being proactive about protecting your brand.
And then, the most impactful thing is when your superiors come to you and say, ‘What is happening here?’ but you have no idea what they're talking about.
That's a really bad day for a risk management professional because either the resources that you have chosen to use have failed you, or you're sort of left standing there with that look on your face like, ‘I am not qualified to be in this position.’
A risk management professional's ultimate goal is to be ahead of the curve. If your superior, or a C-suite [executive] comes and asks your superior the question, they should already have the answer, because you have figured out: "This is a risk. I need to let somebody know, and here's how it's a risk. Here's how we can mitigate it."
Don't wait for the question to be asked. Be proactive, and that's how you avoid the bad day.
Dataminr is recognized as one of the world's leading AI businesses. The company’s clients are the first to know about high-impact events and emerging risks so they can mitigate and manage crises more effectively. Dataminr solutions are relied on 24/7 by hundreds of clients in over 70 countries to help them solve real-world problems.