In the 21st Century, Organizations Make Their Own Luck
Organizations must be able to weather shocks, and they should act in ways that allow them to adapt, growing stronger as a result of their adaptability. Bill Murray, Senior Researcher and Advisor at Leading Edge Forum, explains the three core organizational skills companies should hone in the pursuit of antifragility.
This year’s World Economic Forum Global Risks Report found that two of the most prominent risks for U.S. businesses will be inadequate protection against cyberattacks and the potential environmental disasters stemming from climate change. And these are just the predictable risks. What of the “Black Swans?” – large economic, political and business shocks are hard to predict. In the last decade, we have had the credit crunch in 2008, the Deepwater Horizon oil spill in 2010, the Arab Spring and Fukushima in 2011 and Black Monday in 2015. The report also says that we fail to understand and plan for the systemic risks that arise from the increasingly interconnected networks of digital systems and transport, infrastructure and financial networks. The interconnected nature of these networks increases the chances of cascades; shocks trigger other shocks, affecting supply chains, customers, investors and counterparts elsewhere. The impact of one of these shocks today is more widespread and costly than a decade ago. The more interconnected we are, the more vulnerable we are. The irony of networks is that they both attract and disperse risk.
Businesses have become remarkably adept at understanding how to mitigate risks that can be relatively easily isolated and managed with standard risk management approaches. But it does not help that we often design fragility into our systems and processes, particularly through efficiency and cost-cutting initiatives. Indeed, in a world of increasing risk and rapid change, organizations are regularly slipping up as they struggle to navigate new environments.
The Limits of Risk Management
It is tempting for leaders to focus on risk management and “battening down the hatches” to build what they consider to be a robust organization. However, while robustness seeks to shield organizations from damage, it also wards off any potential upside that can come from such challenges. With risk management we are, to some extent, managing risks that we have already seen or can already imagine – those that could be labelled “known unknowns” – but this does not address unexpected risks.
Added to this is the fact that risk management is generally separated from value creation and growth. Although security and risk managers are keen to talk about the value of risk management, the issue is that the places and mechanisms that we use to discuss and decide on risk management are not the same as those that we use to address business value and growth; they are separate domains.
In the 21st century, organizations instead need a playbook that allows them to survive and even benefit from the unexpected. Antifragility is a lens all organizations can benefit from in an increasingly uncertain world.
What is Antifragility?
Antifragile systems actually benefit from chaos and change; for example, evolutionary biological systems benefit from shocks. Antifragility through a business lens fuses value creation with risk management in highly volatile and uncertain environments, providing practices that can be applied at component, process and business model levels across all aspects of the organization.
Becoming antifragile is not about increasing resilience in the face of expected shocks, but about systematically stressing the organization, then learning and restructuring to take advantage of unexpected shocks. The goal of antifragility is to “bend luck” and to try and create an organization that stands to gain more in the good times than it stands to lose in the bad times: a “positive asymmetric position.” If this can be done consistently, the organization will get stronger and more successful over time.
Antifragility should be embedded in the business strategy, IT strategy and all other functional strategies. It focuses on three core organizational “skills:”
- Sensing: the ability to understand and evaluate what is coming
- Choosing: the ability to make smart, strategic choices in uncertain circumstances
- Changing: the ability to drive effective change to capitalize on opportunities
Sensing
If we know what’s coming – both opportunity and threat – we simply have more runway to exploit it. This includes sensing and learning about all aspects of our environments, including technology, societal, risk, regulatory and competitive trends and disruptions. Applying better and more business intelligence is a powerful component and business-systems-level lever to do this. Creating sensing capabilities in the wider ecosystem is a powerful extension of this beyond company boundaries. A great example of this is banks sharing fraud data early and often – it makes their business systems much more antifragile.
Choosing
In times of stasis, the number of choices and the amount of volatility, uncertainty, complexity and ambiguity surrounding those choices is limited. In highly complex, chaotic times, the opposite is true. We have to continually make smart strategic choices, even in foggy conditions. Common disciplines like value-based management, combined with more sophisticated overlays such as scenario planning and option valuation, can help us be more antifragile in the face of change. In the 21st century organization model, digital strategy, digital governance and value-centric leadership are most relevant here.
Managing Change
Working on our ability to change is a powerful tool in the quest for antifragility. Underlying this are a whole host of disciplines, but perhaps most important is the ability to estimate change capacity. How much change can your business handle? Do you know? Do you have a means of finding out? If the answer to those questions is negative, there may be a problem. If you accept too little change as a business and/or as an IT organization, you will get left behind by your competitors and the market – which is a form of relative/absolute fragility. On the other hand, if you try to push through too much change, at best you will fail to reap the full value of that change; at worst, you will create chaos, vulnerability, demotivation, confusion and/or failure.
Winning in the 21st Century
By bringing these three core skills together, your business is getting 21st Century ready. Traditionally, risk management metrics would be subservient to the revenue and profit growth figures, but antifragility is such an important quality that it should be one of the most important features of a successful enterprise. If we are antifragile in an increasingly volatile environment, value eventually comes – through revenue, profit and growth.
Bill Murray, based in the U.K., is a Senior Researcher and Advisor for Leading Edge Forum. Bill is the author of the report entitled, Rethink Risk Through the Lens of Antifragility, co-author for the publication The Renaissance of the IT Organization and currently working on a new research project, Mastering Platform Businesses.
Bill’s IT career spans over 30 years, with 16 years as a Founder and Partner of Differentis, providing strategic IT consulting services to many industry sectors. Bill has experience developing digital and business technology strategies, business cases and change programs involving technology disruptions such as consumerization, analytics and cloud-based services. Most recently, Bill has been helping clients develop IoT-enabled business propositions and services in connected health, connected insurance, FMCG and supply chains and advising on IoT platforms.
Bill is a chartered engineer by background and started his career with Arup in high energy impact analysis in the nuclear and automotive industries. 
