The Future of Risk

As the world becomes more socially, economically, and culturally connected, a wealth of opportunity – and risk – arises for both business and government alike. The ability to reach out and instantly touch customers and international partners has accelerated the growth of collaboration and opened up markets previously unattainable. As with any open system, malicious threats have infiltrated the ranks, adding a new form of risk that is changing the way people look at the world and the uncertainty that arises from this hyper-networked society.

We posed several questions to spark the conversation:

  1. How can entities limit asymmetric risk and identify challenges to quickly move ahead of competition?
  2. What will the future of risk look like in a post-industrial society where monetary wealth is surpassed by knowledge and information as the primary determinant of power?
  3. How will these risks change as technology connects humans at an accelerating rate?

Participants shared a wide range of views on multiple aspects of risk, innovation, and the potential ways for US public and private entities to leverage innovation to improve their posture.

Over the course of the evening, several primary themes emerged:

  • There is no ‘one-size-fits-all’ definition of what constitutes risk in the 21st century
  • Risk is created—and ultimately abated—by the choices that we as individuals make; there is a heartbeat at both ends of the stream of bits and data we encounter on a daily basis
  • Though at their base level the risks to businesses are not that different than they were 15 years ago, the effects, consequences, and exposure—as well as the speed with which risk and fallout can spread—is drastically different today
  • A large challenge facing many organizations today is leadership denial of risk; we deal with the risks we think we can handle, but the catastrophic risks are there looming and they’re the ones we can’t or won’t confront
  • Risk is not a static issue; the risk you prepare for today might not be the one you prepare for, or are confronted with, tomorrow
  • Conflict exists because many organizations continue to operate with the same bureaucratic slowness they have always had and are culturally unable to speed up their decision-making processes

The evening’s discussion explored the myriad of definitions, facets, and aspects that constitute risk in the 21st century. The fundamental question we tried to answer was, “Is risk changing?” The answer was clearly, “Yes.” Though the risks by which we are confronted—reputational risk, supplier risk, credit risk, intellectual property risk, and others—are not unfamiliar or different than they were 20, 30, or even 50 years ago, the vulnerabilities, threats, exposure and immediacy of risk are vastly different.

For example, due to the interconnected nature of the world in which we now live, the March 11, 2011, earthquake, tsunami, and subsequent nuclear crisis that occurred in Japan negatively affected the US economy in a way that had been previously unimaginable. The inability of Japanese power and electric companies to manage their risks effectively stifled US economic recovery. Conversely, the Chernobyl disaster in 1986 had nowhere near the global economic risk or impact associated with it.

Technological advances are rapidly changing the way in which we live, work and interact with one another. While an increasingly mobile workforce, cloud computing and social networking all have the ability to positively affect the bottom line, they also pose significant threats to organizations’ information security. Similarly, just as the introduction of the seat belt has simultaneously reduced the risk of serious injuries and death in motor vehicle crashes, it has also led to an increased feeling of invulnerability which can lead to riskier behavior. An intriguing example of this trade-off of risk we heard at the dinner was that of the 1000-car pile-up. It was posited that in the next two decades, due to technological advances in the automobile industry and highway infrastructure, we could potentially witness the first 1,000 car pile-up. Additionally, it will probably cause a number of fatalities because the vehicles involved will incorporate automated driving technologies and will be travelling at very, very fast speeds. It will be a devastating event. On the other hand, over that 20-year period the overall number of roadway fatalities will probably be reduced by half as a result of using those same automated driving technologies. The net result is that we are reducing our overall risk, but those technological trade-offs are increasing our risks so they are truly catastrophic in scope.

These same technological advances have led us to a near borderless operating environment. The trend towards anywhere, anytime, on-demand access to information has significantly changed the operating landscape and has forced organizations to think about security in terms that extend far beyond their employees, data centers and firewalls. A decade or two ago, most of an organization’s productive assets were inside the den walls of the firm. Companies could build walls and put fences around their intellectual property and mostly protect their business. Today, however, more people can do bad things to extended enterprise quicker, more frequently, and from farther distances than ever before. Cyber-attacks, malware, intellectual property theft, and counterfeit products in the supply chain are now very real and persistent threats that have changed the landscape of what constitutes risk to a 21st century enterprise.

The availability of information and the speed at which it travels can create or increase by order of magnitude a tremendous amount of risk in a very short period of time. In previous generations public entities had the time to craft a response and/or develop a strategy to mitigate or avoid damaging information whereas now that response time needs to be almost immediate. Companies now need to get ahead of the problem immediately or they risk suffering sometimes unrecoverable damage to their brands and reputations. For instance, in October of 1982, Tylenol faced a crisis when seven people in Chicago were killed by tampered extra-strength Tylenol capsules that had been laced with cyanide. The incident would cost Tylenol an estimated $100 million in lost revenue, but the brand would later emerge from the crisis and ultimately reclaim the market. In 2012, however, a woman named Bettina Siegel started a petition on to demand that the USDA stop using Lean Finely Textured Beef— commonly referred to as ‘pink slime’—in school lunches. Almost overnight, the ‘pink slime’ issue became national news and within weeks, Beef Products, Inc., the main producer of ‘pink slime’, closed three of its four plants and numerous smaller companies, such as AFA Foods Inc., declared bankruptcy.

Participants generally agreed that the risk of not managing risk is sometimes the greatest threat we face. Many times we are simply overwhelmed by the number of risks we have to calculate and make the conscious decision to focus on those few risks we feel we can manage. Ultimately, all risk can be boiled down to a decision we make or failed to make. We choose to buy off on one risk while simultaneously accepting others we didn’t even realize were there. As a society, we can do that more than our parents could and much more than our grandparents could. So not only does risk come from the decisions we make, but from the decisions we do not make or we fail to make because we choose to focus on only those risks we can manage.

Organizations are having a difficult time adjusting to the fast-paced decision-making— often concerning vague, ambiguous or unknown circumstances—that the current environment demands. The traditional, bureaucratic methods we used to rely on are no longer relevant in today’s operating environment. As an example, we can examine the pharmaceutical industry. In the United States it typically takes roughly 10-15 years from the time a product is developed until it passes through all the phases of clinical trials and FDA reviews and can be commercialized. The patent filed on a drug lasts for 20 years; however, because companies file even before clinical trials, by the time the drug hits the marketplace, the patent may only have 5 to 10 years left, resulting in a small window of opportunity for the pharmaceutical company to generate revenue. Foreign competitors, however, are often not bound by the same regulations as US companies, often allowing them to leapfrog. Because they are not bound by the same rules, foreign pharmaceutical companies can put massive resources behind embryonic stage products and move them to market very quickly. The net result is a US company that spends tens, if not hundreds, of millions of dollars developing a product only to be beat to market by a global competitor.

As we wrapped up the evening’s discussion, we agreed that there are a myriad of challenges surrounding risk and highlighted immediate areas of focus:

  • Risk is growing more complex, and current definitions and concepts of threats, vulnerabilities, and risk as a whole must be revisited
  • Organizations should focus on improving the organizational capacity to anticipate risk, respond more rapidly to risk, and respond to risks that are coming from more places simultaneously, rather than trying to perfect their ability to predict what risk is going to be
  • As organizations have gotten flatter over the years, decision-making has been distributed and disseminated; the same is true with risk. Large organizations have thousands of have thousands of people trying to deal with risk, and equal or greater numbers trying to create it. The fundamental question remains, “How do we organize ourselves to deal with risk at the enterprise level, instead of at 1,000 different points?”
  • Most of the choices we make, even the choices regarding risk, inherently create more risk for our organizations


Risk is a selective pressure. A fitting analogy when discussing risk—and our attempts to accept, mitigate, or avoid it—is that of Darwinism. Organizations are dealing with challenges they have not previously faced and their success is contingent upon their ability to adapt and deal with those challenges. As our environment has changed and the necessity of operational speed has increased, the rate at which organizations deal with risk successfully and survive, or do not, and perish, is going to increase as well. There was general consensus that, though most organizations—in the public and private sector—have a lot of improvements to make, we are taking the right steps to foster innovative approaches to prepare for the challenges and risks of the future.


World-renowned futurists Alvin and Heidi Toffler founded Toffler Associates to help organizations successfully transition to a rapidly changing global society. The couple has been exploring the future for more than 40 years, and their ideas form the backbone of how our firm operates. They remain of counsel to the firm, inspiring our outlook on the future.

The Tofflers’ books – including such classics as Future Shock, The Third Wave and War and Anti-War, as well as the recent (2006) Revolutionary Wealth – have profoundly shaped the thinking of business, government and world leaders.

Toffler Associates is a strategy consultancy, helping leaders build the extraordinary organizations of tomorrow. We serve as a catalyst for change for clients with tough problems to solve, creating impact through knowledge of the forces of change that will shape the future.

To accomplish this, we employ a collaborative approach to guide clients in the development of Knowledge Age business strategies. Our Future ProofSM business consulting service provides clarity by identifying the risks and opportunities that may lie ahead, enabling leaders to implement the changes necessary to create value, to sustain growth and to succeed in future operating environments.

We work with public-sector clients, such as federal agencies, the intelligence community, associations and educational institutions, to develop and implement ways to use resources more effectively and to build lasting public trust. We work with private-sector clients, like those in the transportation, aerospace, chemical, advanced materials, information technology and defense markets, to create and execute strategies that drive top-line growth.

We find daily inspiration in working with commercial enterprises and government agencies that are creating something that really matters to people, clients who are trying to make a difference in all of our lives. Our purpose is to help them achieve that. It is the passion that unites our firm as one community. Contact Details: Sean Page,, +1.703.864.2136. HEADQUARTERS: 1775 Wiehle Avenue Suite 250 Reston, VA 20190 Phone: 703.674.5480 Facsimile: 703.674.5494 Email:,