Game Theory Sparks Terrorism Risk Modeling

There isn’t enough historical data to help companies keep pace with intelligent adversaries.

Given that figuring out the probability of an attack based on the available data is currently so difficult, how can a particular CFO gain a more precise basis for managing the risks of an attack on his or her corporation?

To be sure, probability — estimating the frequency of an event by comparing different sets of data — is still very much in use. But a consensus for a more eclectic and dynamic approach to modeling terrorism risk appears to be emerging.

Using such an approach, probabilities can be built into computer-simulation models, enabling risk analysts to determine the likelihood that terrorists will act in certain ways given certain scenarios.

Yet no matter how up-to-the minute and precise terrorism risk models are, terrorists are notorious for acting in unexpected ways. To anticipate those ways, companies are increasingly relying on game theory, under the notion that by hunting down villains in hypothetical situations, you might be able to unearth the unexpected.

The Desire of al-Qaeda
From the very beginning of terrorism risk modeling, analysts knew that a different game was afoot than that of trying to assess the likelihood of an earthquake or a tornado. Barely more than a year after the 9/11 attacks, Gordon Woo, a mathematician with Risk Management Solutions who had just created RMS’s first terrorism risk model, was declaring that a “traditional probabilistic approach, such as used for modeling natural catastrophes, is simply not up to the challenge” of quantifying terrorism risks.

In introducing the model in 2002 (two other such firms, AIR Worldwide and EQECAT also introduced models that year), Woo said he used game theory in developing it. “Game Theory helps us model the implications of the complex dynamics between… conflicting factors,” he said at a seminar then. “On one hand, we have al-Qaeda’s desire to maximize the utility of their attacks, and on the other hand, we have to consider their rational response to stepped-up security and counter-intelligence efforts and the constraints of their technological and logistical capacities.”

While such models enabled companies to zero in on protecting what are now called “trophy targets” — highly visible, highly valuable corporate assets like the Sears Tower in Chicago — they did not yet focus on analyzing the actions of terrorists in response to counter-terrorism.

In the intervening years, however, counter-terrorism has outstripped terrorism by a considerable margin, according to Woo. Testifying in September before the House Financial Services Committee, he could say that terrorism risk has become “as much about counter-terrorism action as about terrorists themselves. U.S. terrorism insurance is essentially insurance against the failure of counter-terrorism.”

4 thoughts on “Game Theory Sparks Terrorism Risk Modeling

  1. Very insightful and I will certainly post forward. We face risk everyday of our lives and perhaps by human nature spend much of each day trying not the thing about it… Good strategy for a single person, not so good for organizations, who surprise me with an ‘isn’t this an insurance matter’ attitude.

    It is about analysis, review, process and procedure… and then some.

    • It sounds like the editors had a bare spot to fill when they used this article. Here in the DC metro area, “game theory” has not been referenced since … um… college days for most of us. Check out both Google (west coast) and InQtel / DARPA award lists (East Coast, Arlington VA) for the latest developments in predictive modeling. Or NIST / Germany collaborative efforts. Game theory algorithms long ago gave way to a new genre of real -time prediction, much of which will utilize technology reflected in early stages of squid and related R&D, (see NIST 2012), and incorporate physical elements such as ambient noise monitoring and other pervasive capture methodologies.

      But the real danger to corporations worldwide, is not terrorism – which per US Dept of State’s latest tallies, kills on average 150 – 250 persons worldwide, each year, 2001 being an exception – but executive kidnap, family kidnap, and crime. Drug cartels and syndicated crimes kill far more each year, than the 911 flights combined. And kidnap or threats to family members are much more likely to impact a corporate executive or senior manager, than is terrorism.

      Our own company continues to search diligently, and to support the ongoing and heartbreaking search, for our CEO’s kidnapped child, violently abducted at age 8, from very near CIA HQ in Mclean VA, following extortion threats and demands referencing his mother’s alleged CIA affiliation and White House recognition for Sept. 11 intelligence actions. Evan Carpenter remains missing, and even the US Pentagon, opening its own inquiry into Evan’s disappearance earlier this year, has found no sign of this child. Child or family member kidnap – for extortion or retaliation – remains the most common threat worldwide, facing corporations or government or law enforcement individuals; followed by drug or crime cartel killings. Witnesses to Evan’s kidnap could not stop crying, hysterically. And this was because his mother’s involvement and recognition for efforts in public safety, were not kept confidential. Wherever there is a lot of money or influence involved, there will be a lot of risk.
      This is a significant point for people to remember, because it is a very different motivation, from terrorism. And requires an entirely different mindset to address. And yet, this motive – greed, and its adjacent motive of coercion (desire to compel or prevent a certain action, whether testimony, or providing information, etc) – poses a much greater threat to corporate or government execs than terrorism. And to families.

      Evan is the first child to be hurt – possibly murdered – on US soil because of a parent’s intelligence affiliation or role, in US history. And he was only 8.

  2. Science has moved much farther ahead than this article would indicate. In fact there exists a new science based on probability (versus predictive modeling) that already does and surpasses what is being discussed in this article. It is a scientific breakthrough that was patented by USPTO in January 2012. See USPTO, Complexity Systems Management Method, Patent No.: US 8,103,601 B2. The research behind this patent received the Navigator Award from the Potomac Institute (with ties to DARPA and the IC) way back in 2004. It is always a good idea to have a patent watch or other search mechanism for new technologies before writing articles like these. Otherwise you risk looking a bit silly to real scientists who believe in real research before they write a paper.

  3. In the current environment where companies operate on global foot print the tentacles of terrorism extents beyond the company to the dealers and supplier bases. With lack of data and a robust model to predict the impact,it has become difficult to manage on a global platform.


Your email address will not be published. Required fields are marked *