Being "Ready," Criminals using AI, Causes of the Opioid Epidemic & More
Profiles in Preparedness #29
When are you ever fully "ready" for disaster?
Given the ever-expanding complexity and scope of threats faced by public safety and security leaders, promising complete "readiness" sets unrealistic expectations.
It’s a fool’s errand. It sets unrealistic expectations for what an organization can do. It undermines the credibility of the person making the promise.
This week’s newsletter highlights precisely how challenging true readiness is. Selected articles include:
Security Threats: Two new articles published in The CP Journal on security preparedness amid nationwide demonstrations sparked by recent protests in Los Angeles and this weekend's "No Kings" protests.
Weather Insights: Articles covering lightning and wildfire hazards.
Cyber Threat Updates: Analyses on recent ransomware attacks targeting hospitals and insights from OpenAI’s cybersecurity report.
Public Health Perspectives: An in-depth look at the ongoing opioid crisis and factors contributing to its persistence.
Because an organization’s performance is usually judged after incidents occur, leaders who made promises of absolute readiness generally face two outcomes:
Best-case scenario: Even if your response goes exactly as planned, claiming flawless execution is insensitive or misguided as someone likely still experienced harm or disruption.
Realistic scenario: Given the unpredictable nature of disasters, something inevitably won't go perfectly. Claims of being fully "ready" leave organizations vulnerable to criticism of arrogance, incompetence, or negligence.
Instead of promising total readiness, emphasize proactiveness.
Proactiveness allows you to clearly demonstrate how your organization has anticipated threats, invested in mitigation efforts, developed response capabilities, and laid the groundwork for rapid recovery.
Proactiveness authentically communicates your seriousness to preparedness, acknowledges inherent response challenges, and transparently reveals both your capabilities and existing gaps.
Proactiveness encourages continuous improvement, allowing your organization to learn from past incidents and continuously refine strategies and practices.
Consider taking a moment this week to write down all of the proactive measures you’ve implemented for the range of threats you manage:
Would your list withstand public scrutiny?
Does it reflect meaningful, tangible actions rather than merely aspirational talk?
Is it something you're proud to share with your stakeholders and community?
An honest assessment will clarify your organization’s current strengths and reveal critical areas needing improvement, giving you a clear focus for proactive action in the second half of 2025.
Inside The CP Journal
Here are some of the articles that were added to the site this week.
🗞️A seven-step checklist for public safety and corporate security executives to ready themselves to lead their organizations through disasters, disruptions, and acts of violence when advanced warning is available.
🔐For Academy Subscribers: A three-step pre-protest preparedness framework for organizations monitoring protests that may escalate into violence, involve counter-protests, or pose a heightened risk to people, the community, or operations.
This Week‘s Reads
Here are a few standout reads from this week with insights, ideas, and perspectives that caught my attention.
🏥Article | Why Healthcare Gets Hit Hardest With Cyberattacks. Cyber attacks on hospitals present more than just a disruptive loss of data or a ransom payment. They can, and have, presented life safety risks as well. This article looks at why hospitals and healthcare facilities are such lucrative targets (the criminal value of healthcare data is far higher than credit card or phone numbers), and why they are often easier/softer targets than other critical infrastructure owners (that MRI machine might might be running on outdated and unpatchable versions of Windows).
💊Article | How the FDA Helped Ignite, and Then Worsened, the Opioid Crisis. Today, oxycodone production is about a third of what it was at its peak in 2013, but it is still three times what it was in 1999. The opioid crisis is far from over, and this article shows the inner workings of the FDA, which ignored and bypassed its own processes (processes to protect the public) to fuel the epidemic. From approving drugs with insufficient data to allow lax labelling, it shows one of the reasons our country got here.
⚡️Report | The Annual Lightning Report 2024). With over 2 billion events a year, lightning is a near-constant presence in our atmosphere. In this report of 2024 lightning statistics, Viasala breaks down trends in lightning activity and its impacts on the world’s 20 busiest airports and the largest wind farms. The link includes the option for a 20-minute video briefing.
🥸Report | Disrupting malicious uses of AI: June 2025. In a series of case studies, this report shows how criminals from China, North Korea, the Philippines, Russia, Iran and more are using ChatGPT to launch cyberattacks, design influence campaigns, and create and grow fake social media accounts. While OpenAI identified and banned the accounts, this report does provide a look at the playbooks and tactics criminal organizations are using, which makes this a worthwhile read. One takeaway (at least for me) is that the people attempting to influence perception and use mis/disinformation to shape how we see the topics that affect our lives is continuing to increase. Media literacy and the thoughtful use of social media will also continue to become a greater need if we are to counter these threats and, as a country, make the decisions that move us in the right direction.
🔥Article | Hedge Funds Face California Rebuke Over Role in Wildfire Claims. The short version of this article is that insurance companies and hedge funds are under fire for buying/selling wildfire claims that kick in if a third party, such as a utility, is suspected of being responsible for losses covered by insurers. "There’s a growing consensus that insurers can’t cover the rising costs of weather-related catastrophes alone....For that reason, the industry is looking for ways to shift part of its financial risk over to capital markets." While these transactions may be unethical, they reflect the gap between the lack of investment in mitigation and preparation for wildfires, the values at risk today, and the exposure that insurance companies face when underwriting these properties.
When You’re Ready
If you want more in-depth insights, you can become a paying subscriber to access exclusive content like our weekly Watch Office situation reports, our Tactical Analysis Course & behavioral analysis practice exercises, and the “Project Management in Emergency Management” Playbook.
And if you’re thinking about how to strengthen your organization's preparedness, that’s what we do. Whether it’s assessments, planning, speaking events, or exercises, we help teams build the skills and strategies to stay ahead of the next challenge.