Humans are bad at understanding the risk. The example above is from the US Airways plane that Captain Sullenberger landed on the Hudson River. It’s a picture of the passengers and crew standing on the wings waiting for rescue. (First – planes can float?!?).

You can’t easily tell, but the majority of passengers are NOT wearing life jackets. In fact only 33 of the 150 passengers had them on. Only four people had them on correctly (fastened). Imagine that you just survived a one-in-a-million event and you don’t take the precaution to survive the far-more-common death by drowning.

Note the Hudson River is about a mile wide between Manhattan and Hoboken. If the plane is exactly in the middle, and let’s face it, it probably was, that’s a half-mile swim. Very few people can swim a half-mile. Oh! It was also February! The water is damn cold – in the fifties.

I think about this when I’m managing projects. Risk management is hard. Understanding and evaluating risks are hard. Predicting probability is hard. It doesn’t mean we shouldn’t do it but understand we’re not good at it. I always reserve time – it’s better to have it when something bad happens. And it usually does.

News reports say that a Seattle hacker stole 100 million credit applications. She is an ex-employee of Amazon’s AWS service that housed the Capital One database. Before talking about this incident from a risk management standpoint, I am a little surprised that Capital One, #98 on the Fortune 100 with $6B in profits last year, can’t/won’t build a sufficient IT infrastructure. I guess they decided to Transfer the risk.

I can’t wait to hear the entire story. A female hacker that failed to graduate from the local community college (that I taught at!) is an interesting story.

From a risk management perspective, there are several angles. Perhaps she stole the data while she was an employee and just got caught now. It’s possible that when she left Amazon, the exit process where all her accounts are disabled may not have been followed. Maybe she had inside help.

But maybe she hacked one of the largest tech companies in the world to get data from one of the largest financial companies in the world. Wow!

While these hazards begin with fire, they are ultimately about human risks”

AZ Central has an incredible story about how the conditions that caused the deaths of 85 people in the Camp Fire are prevalent throughout the West. They analyzed nearly 5,000 towns and found 526 have a risk potential higher than Paradise, CA. These risks are:

1. Evacuation Constraint: the number of roads leading out of town. Eleven people died while evacuating Paradise.
2. Resident Age: 10% of Paradise residents were over 75 years old. Of the 85 that died, 62 were over 65 years old and 36 were over 75.
3. Disabled Residents: 25% of Paradise residents were disabled, twice the national average.
4. Alert System: in what seems like the biggest mistake, no emergency alert was broadcast to Paradise residents. Despite the fact the county has the ability to send mobile alerts (many counties do not), they did not do so.
5. Mobile Homes. 12.5% of homes in Paradise are mobile homes. Mobile homes tend to be less fire resistant and closer to each other and thus more susceptible to fire. 37 of the 85 people who died lived in mobile homes.

We are bad at evaluating risk. Hundreds of thousands of people live in wildfire zones. Many millions are on the opposite side of the environmental spectrum, coastal populations will be under water within a decade or two.

The best answer is the obvious one – don’t live in wildfire zones. But we struggle, and mostly fail, to provide for adequate housing, driving people farther into the wilderness. Ultimately it may be insurance companies that save us. They may simply stop insuring homes where the risk is too high.