Risk management is an important part of business and personal life. But with so many books on the topic, it can be hard to know which ones to buy and read. To make it easier for you, we’ve compiled a list of the best books on risk management that will guide you through everything from identifying risk to managing it successfully. Whether you’re already in the field or considering a new career, these books will help you learn about risk management and keep your business safe.
What is Risk in Risk Management?
Risk management is the fundamental process of identifying, evaluating, assessing, and prioritizing the risks that arise within an organization, and then controlling them in order to minimize or eliminate them.
Best Books on Risk Management: THE LIST
1 – Meltdown | By Chris Clearfield and András Tilcsik
A groundbreaking take on how complexity causes failure in all kinds of modern systems–from social media to air travel–this practical and entertaining book reveals how we can prevent meltdowns in business and life.
“Endlessly fascinating, brimming with insight, and more fun than a book about failure has any right to be, Meltdown will transform how you think about the systems that govern our lives. This is a wonderful book.”–Charles Duhigg, author of The Power of Habit and Smarter Faster Better
A crash on the Washington, D.C. metro system. An accidental overdose in a state-of-the-art hospital. An overcooked holiday meal. Surprising new research shows that all these events–and the myriad failures that dominate headlines every day–share similar causes. By understanding what lies behind these failures, we can design better systems, make our teams more productive, and transform how we make decisions at work and at home.
Weaving together cutting-edge social science with riveting stories that take us from the frontlines of the Volkswagen scandal to backstage at the Oscars, and from deep beneath the Gulf of Mexico to the top of Mount Everest, Chris Clearfield and András Tilcsik explain how the increasing complexity of our systems creates conditions ripe for failure and why our brains and teams can’t keep up–with an emphasis on practical solutions. It’s an eye-opening, empowering, and entirely original book–one that will change the way you see our complex world and your own place in it.
Quotes from Meltdown:
“Everyday meltdowns – failed projects, bad hiring decisions and even disastrous dinner parties – have a lot in common with oil spills and mountaineering accidents.”
“When we are in charge, we ignore the perspectives of others. This is a dangerous tendency.”
“Diversity feels strange. It’s inconvenient. But it makes us work harder and ask tougher questions.”
“Leave some people out of the decision-making process so they can then bring an outsider’s perspective on it and find problems that insiders would miss.”
“In a complex system…we need to rely on indirect indicators to assess most situations.”
“It’s counterintuitive: Safety features reduce safety.”
“If the system is…tightly coupled, skeptical voices are crucial because the cost of being wrong is just too high. In the danger zone, dissent is indispensable.”
“We are in the golden age of meltdowns. More and more of our systems are in the danger zone, but our ability to manage them hasn’t quite caught up.”
2 – Disasters | By Kathleen Tierney
Disasters kill, maim, and generate increasingly large economic losses. But they do not wreak their damage equally across populations, and every disaster has social dimensions at its very core. This important book sheds light on the social conditions and on the global, national, and local processes that produce disasters.
Topics covered include the social roots of disaster vulnerability, exposure to natural hazards such as hurricanes and tsunamis as a form of environmental injustice, and emerging threats. Written by a leading expert in the field, this book provides the necessary frameworks for understanding hazards and disasters, exploring the contributions of very different social science fields to disaster research and showing how these ideas have evolved over time. Bringing the social aspects of recent devastating disasters to the forefront, Tierney discusses the challenges of conducting research in the aftermath of disasters and critiques the concept of disaster resilience, which has come to be seen as a key to disaster risk reduction.
Peppered with case studies, research examples, and insights from very different disciplines, this rich introduction is an invaluable resource to students and scholars interested in the social nature of disasters and their relation to broader social forces.
Quotes from Disasters:
“Rapid and uncontrolled urbanization and intensified development in hazardous areas put ever larger populations at risk.”
“Mass shelters operated by the Red Cross were not equipped to serve persons with disabilities.”
“It is not difficult to see how social change is contributing to risk buildup and setting the stage for disasters.”
“If hazards cannot be avoided entirely, a second line of defense is to ensure that the built environment can resist the forces unleashed by disasters.”
“Adding further to their burdens, women in the United States lag behind their counterparts in other affluent countries with respect to paid family leave and child care opportunities.”
“What perhaps did come as a shock was the sheer incompetence of the responding agencies and the viciousness of the racially motivated attacks against Katrina survivors.”
3 – Superforecasting | By Philip Tetlock and Dan Gardner
Everyone would benefit from seeing further into the future, whether buying stocks, crafting policy, launching a new product, or simply planning the week’s meals. Unfortunately, people tend to be terrible forecasters. As Wharton professor Philip Tetlock showed in a landmark 2005 study, even experts’ predictions are only slightly better than chance. However, an important and underreported conclusion of that study was that some experts do have real foresight, and Tetlock has spent the past decade trying to figure out why. What makes some people so good? And can this talent be taught?
In Superforecasting, Tetlock and coauthor Dan Gardner offer a masterwork on prediction, drawing on decades of research and the results of a massive, government-funded forecasting tournament. The Good Judgment Project involves tens of thousands of ordinary people—including a Brooklyn filmmaker, a retired pipe installer, and a former ballroom dancer—who set out to forecast global events. Some of the volunteers have turned out to be astonishingly good. They’ve beaten other benchmarks, competitors, and prediction markets. They’ve even beaten the collective judgment of intelligence analysts with access to classified information. They are “superforecasters.”
In this groundbreaking and accessible book, Tetlock and Gardner show us how we can learn from this elite group. Weaving together stories of forecasting successes (the raid on Osama bin Laden’s compound) and failures (the Bay of Pigs) and interviews with a range of high-level decision-makers, from David Petraeus to Robert Rubin, they show that good forecasting doesn’t require powerful computers or arcane methods. It involves gathering evidence from a variety of sources, thinking probabilistically, working in teams, keeping score, and being willing to admit error and change course.
4 – Against the Gods | By Peter Bernstein
According to getAbstract, “This work is a minor classic of financial literacy. Business historian Peter L. Bernstein wrote it during the early 1990s when faith in the power of quantitative models and financial engineering was at its apex, and he tells a heroic story. Beginning with Greek mythology, Bernstein shows how cultural ideas about risk and probability evolved through Arab mathematics, the European Enlightenment, and Chicago School economics. He writes in a spare, straightforward style, and manages to convey the essentials of financial theory and the essences of great economists without losing the reader in a maze of equations. Of course, the 2008 financial crisis cast probabilistic models and financial engineering as global market villains. In retrospect, that makes Bernstein’s evident admiration for those models seem rather touchingly ingenuous.”
Quotes from Against the Gods:
“This book tells the story of a group of thinkers whose remarkable vision revealed how to put the future at the service of the present.”
“Theories of how people make decisions and choices seem to have become detached from everyday life in the real world.”
“Even though millions of investors would readily plead guilty to acting in defiance of rationality, the market – where it really counts – acts as though rationality prevailed.”
“The asymmetry between the way we make decisions involving gains and decisions involving losses is one of the most striking findings of Prospect Theory.”
“By showing the world how to understand risk, measure it, and weigh its consequences, they converted risk-taking into one of the prime catalysts that drive modern Western society.”
“The recognition of risk management as a practical art rests on a simple cliché with the most profound consequences: When our world was created, nobody remembered to include certainty.”
5 – Kidnap | By Anja Shortland
Kidnap for ransom is a lucrative but tricky business. Millions of people live, travel, and work in areas with significant kidnap risks, yet kidnaps of foreign workers, local VIPs, and tourists are surprisingly rare and the vast majority of abductions are peacefully resolved – often for remarkably low ransoms. In fact, the market for hostages is so well ordered that the crime is insurable. This is a puzzle: ransoming a hostage is the world’s most precarious trade. What would be the “right” price for your loved one – and can you avoid putting others at risk by paying it? What prevents criminals from maltreating hostages? How do you (safely) pay a ransom? And why would kidnappers release a potential future witness after receiving their money?
Kidnap: Inside the Ransom Business uncovers how a group of insurers at Lloyd’s of London have solved these thorny problems for their customers. Based on interviews with industry insiders (from both sides), as well as hostage stakeholders, it uncovers an intricate and powerful private governance system ordering transactions between the legal and the criminal economies.
Quotes from Kidnap:
“When there is no state, no law and no police, the boundaries between the legal and illegal are fluid.”
“Kidnap for ransom insurance is a very strange product. Few people set out to buy kidnap insurance for themselves or their loved ones.”
“Considering that Somali piracy was an illegal business conducted in stateless territory, it was surprisingly formalized.”
“It is of the utmost importance never to respond to a threat by raising the ransom offer.”
“Bargaining over the price of a hostage is a highly unusual bartering situation.”
“The system governing kidnap for ransom is of bewildering complexity – as befits the world’s trickiest trade.”
“The open seas are simply too big to patrol.”
6 – The Cybersecurity Playbook | By Allison Cerra
Many books discuss the technical underpinnings and complex configurations necessary for cybersecurity―but they fail to address the everyday steps that boards, managers, and employees can take to prevent attacks. The Cybersecurity Playbook is the step-by-step guide to protecting your organization from unknown threats and integrating good security habits into everyday business situations. This book provides clear guidance on how to identify weaknesses, assess possible threats, and implement effective policies. Recognizing that an organization’s security is only as strong as its weakest link, this book offers specific strategies for employees at every level.
Drawing from her experience as CMO of one of the world’s largest cybersecurity companies, author Allison Cerra incorporates straightforward assessments, adaptable action plans, and many current examples to provide practical recommendations for cybersecurity policies. By demystifying cybersecurity and applying the central concepts to real-world business scenarios, this book will help you:
- Deploy cybersecurity measures using easy-to-follow methods and proven techniques
- Develop a practical security plan tailor-made for your specific needs
- Incorporate vital security practices into your everyday workflow quickly and efficiently
The ever-increasing connectivity of modern organizations and their heavy use of cloud-based solutions present unique challenges: data breaches, malicious software infections, and cyberattacks have become commonplace and costly to organizations worldwide. The Cybersecurity Playbook is an invaluable guide to identifying security gaps, getting buy-in from the top, promoting effective daily security routines, and safeguarding vital resources. Strong cybersecurity is no longer the sole responsibility of IT departments, but that of every executive, manager, and employee.
Quotes from The Cybersecurity Playbook:
“Cyber threats are now so pervasive that they lurk around every connected device, every bit of data we take for granted.”
“As long as there is no shortage of bad actors, there will be no surplus of cybersecurity professionals.”
“Not only is your company destined to play defense against cybercriminals, but it must do so with near-perfect precision.”
“Bad actors want you to deprioritize cybersecurity as a nonstrategic investment. Don’t give them that power.”
“CFOs carry the flag for their organizations in ensuring the procurement process sufficiently vets third parties’ cybersecurity posture.”
“Cybersecurity is a team sport with everyone needing to play her or his position for every minute of the game.”
7 – The Global Supply Chain and Risk Management | By Stuart Rosenberg
According to getAbstract, “Global supply chains can be maddeningly complex. Stuart Rosenberg, an accomplished expert in the field, discusses how to plan for and manage the potentially catastrophic risks inherent in convoluted delivery systems. Any break in your supply chain carries substantial risk, particularly if your links are brittle. Breaks can occur as a result of various disasters – large or small, man-made, or natural. The clear danger in supply chain failure is that if manufacturers can’t get their materials and customers can’t get their products, the firms in question won’t make money and may fail. Rosenberg suggests that the more you plan for serious risk, the better you’ll be able to handle potentially catastrophic circumstances. Rosenberg’s information and insights will be useful to global supply chain professionals, students who hope one day to work in this vital field, and affected manufacturers, shippers, wholesalers, and retailers.”
8 – The Perception of Risk | By Paul Slovic
The concept of risk is an outgrowth of our society’s great concern about coping with the dangers of modern life. The Perception of Risk brings together the work of Paul Slovic, one of the world’s leading analysts of risk, risk perception, and risk management, to examine the gap between expert views of risk and public perceptions. Ordered chronologically, it allows the reader to see the evolution of our understanding of such perceptions, from early studies identifying public misconceptions of risk to recent work that recognizes the importance and legitimacy of equity, trust, power, and other value-laden issues underlying public concern.
Quotes from The Perception of Risk:
“The stakes in risk problems are high – product viability, jobs, energy costs, the willingness of patients to accept treatments, public safety and health, and so forth. Potential conflicts of interest abound.”
“By assuming that managers are rational and that they act according to the same decision criteria that public agencies prescribe, government programs to reduce hazards have been based upon predictions that often failed to materialize.”
“Disagreements about risk should not be expected to evaporate in the presence of evidence. Definitive evidence particularly about rare hazards is difficult to obtain. Weaker information is likely to be interpreted so as to reinforce existing beliefs.”
“Sex is strongly related to risk judgments and attitudes. Several dozen studies have documented the finding that men tend to judge risks as smaller and less problematic than do women.”
“Scientific analysis of risks cannot allay our fears of low-probability catastrophes or delayed cancers unless we trust the system.”
“The public is not irrational. The public is influenced by emotion and affect in a way that is both simple and sophisticated. So are scientists.”
9 – Risk Savvy | By Gerd Gigerenzer
In this age of big data we often trust that expert analysis—whether it’s about next year’s stock market or a person’s risk of getting cancer—is accurate. But, as risk expert Gerd Gigerenzer reveals in his latest book, Risk Savvy, most of us, including doctors, lawyers, and financial advisors, often misunderstand statistics, leaving us misinformed and vulnerable to exploitation.
Yet there’s hope. In Risk Savvy, Gigerenzer gives us an essential guide to the science of good decision making, showing how ordinary people can make better decisions for their money, their health, and their families. Here, Gigerenzer delivers the surprising conclusion that the best results often come from considering less information and listening to your gut.
Quotes from Risk Savvy:
“Whether the context is a weather forecast, a medical decision or a large-scale disaster, being risk savvy requires a basic knowledge of our intuitive psychology as well as an understanding of statistical information.”
“You don’t need a background in finance to understand the difference between known risks and unknown risks.”
“Like every strategy, simple or complex, trust is neither good or bad. It all depends on the environment.”
“Trust is ‘the mother of all rules of thumb.’”
“Talking about survival can be useful for surgery and other medical treatments … but in the context of screening it is always a misleading message.”
“Some psychiatrists argue that doctors, just like ordinary folks, fall prey to the same persistent cognitive illusions.”
“For the mature adult, a high need for certainty can be a dangerous thing. It prevents us from learning to face…uncertainty.”
10 – Fukushima | By David Lochbaum, Edwin Lyman, Susan Stranahan, and the Union of Concerned Scientists
According to getAbstract, “Nuclear energy experts David Lochbaum, Edwin Lyman, Susan Q. Stranahan and the Union of Concerned Scientists offer an important chronicle of the unanticipated events that led to the calamity at Fukushima, one of history’s worst nuclear disasters. In this detailed account, an unlikely series of natural and manufactured events unfold, threatening to contaminate Tokyo with radiation. The authors’ account debunks the idea that nuclear power is safe. Their compelling granular descriptions may slow the story and blunt some main points, such as the US’s nuclear safety shortcomings.”
Quotes from Fukushima:
“Just as the Fukushima accident was unrivaled in its engineering challenges, so too was it unprecedented in its economic consequences.”
“With expert views ranging from faith that earthquakes could be predicted with certainty to disbelief that they could be predicted at all, confusion reigned in the field of seismic risk.”
“In an effort to avoid arousing fears, the government deliberately withheld crucial information – a fact that confirmed the suspicions and inflamed the distrust of many when the omissions came to light.”
“Even as up-to-date technology made disseminating the news faster and simpler, many Japanese journalists labored under the influence of traditional politics, economics, and culture, which did not reward confrontation.”
“For the first time in history, a nuclear accident was unfolding in multiple reactors at the same time.”
“From the beginning of the era of nuclear power, the Japanese public had been repeatedly assured by government regulators, plant owners, and the media that it was inherently safe.”
“It seemed nobody in government imagined a nuclear accident could produce a cloud of radiation intense enough to pose a hazard a few miles away.”
11 – The Art of Invisibility | By Kevin Mitnick
Be online without leaving a trace. Your every step online is being tracked and stored, and your identity is literally stolen. Big companies and big governments want to know and exploit what you do, and privacy is a luxury few can afford or understand.
In this explosive yet practical book, Kevin Mitnick uses true-life stories to show exactly what is happening without your knowledge, teaching you “the art of invisibility” — online and real-world tactics to protect you and your family, using easy step-by-step instructions.
Reading this book, you will learn everything from password protection and smart Wi-Fi usage to advanced techniques designed to maximize your anonymity. Kevin Mitnick knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening.
The world’s most famous — and formerly the US government’s most wanted — computer hacker, he has hacked into some of the country’s most powerful and seemingly impenetrable agencies and companies, and at one point was on a three-year run from the FBI. Now Mitnick is reformed and widely regarded as the expert on the subject of computer security. Invisibility isn’t just for superheroes; privacy is a power you deserve and need in the age of Big Brother and Big Data.
Quotes from The Art of Invisibility:
“Many of us…now accept to at least some degree the fact that everything we do – all our phone calls, our texts, our emails, our social media – can be seen by others.”
“If someone were to pick up your unlocked cellphone right now, that person could gain access to your email, your Facebook account, and perhaps even your Amazon account.”
“It’s easy for malicious software to activate the webcam and microphone on a traditional PC without the user knowing it.”
“If you carry your cellphone with you throughout the day…you are being surveilled – even if you don’t have geolocation tracking enabled on your phone.”
“All you are really doing by trying to make yourself anonymous is putting up so many obstacles that an attacker will give up and move on to another target.”
“Many people, even executives at large corporations, are lazy when it comes to passwords.”
12 – Antifragile | By Nassim Nicholas Taleb
Just as human bones get stronger when subjected to stress and tension, and rumors or riots intensify when someone tries to repress them, many things in life benefit from stress, disorder, volatility, and turmoil. What Taleb has identified and calls “antifragile” is that category of things that not only gain from chaos but need it in order to survive and flourish.
In The Black Swan, Taleb showed us that highly improbable and unpredictable events underlie almost everything about our world. In Antifragile, Taleb stands uncertainty on its head, making it desirable, even necessary, and proposes that things be built in an antifragile manner. The antifragile is beyond the resilient or robust. The resilient resists shocks and stays the same; the antifragile gets better and better.
Furthermore, the antifragile is immune to prediction errors and protected from adverse events. Why is the city-state better than the nation-state, why is debt bad for you, and why is what we call “efficient” not efficient at all? Why do government responses and social policies protect the strong and hurt the weak? Why should you write your resignation letter before even starting on the job? How did the sinking of the Titanic save lives? The book spans innovation by trial and error, life decisions, politics, urban planning, war, personal finance, economic systems, and medicine. And throughout, in addition to the street wisdom of Fat Tony of Brooklyn, the voices and recipes of ancient wisdom, from Roman, Greek, Semitic, and medieval sources, are loud and clear.
13 – Beyond Cybersecurity | By James Kaplan, Tucker Bailey, Derek Halloran, Alan Marcus, and Chris Rezek
Beyond Cybersecurity: Protecting Your Digital Business arms your company against devastating online security breaches by providing you with the information and guidance you need to avoid catastrophic data compromise. Based upon highly-regarded risk assessment analysis, this critical text is founded upon proprietary research, client experience, and interviews with over 200 executives, regulators, and security experts offering you a well-rounded, thoroughly researched resource that presents its findings in an organized, approachable style.
Members of the global economy have spent years and tens of billions of dollars fighting cyber threats―but attacks remain an immense concern in the world of online business. The threat of data compromise that can lead to the leak of important financial and personal details can make consumers suspicious of the digital economy, and cause a nosedive in their trust and confidence in online business models.
- Understand the critical issue of cyber-attacks, and how they are both a social and a business issue that could slow the pace of innovation while wreaking financial havoc
- Consider how step-change capability improvements can create more resilient organizations
- Discuss how increased collaboration within the cybersecurity industry could improve alignment on a broad range of policy issues
- Explore how the active engagement of top-level business and public leaders can achieve progress toward cyber-resiliency
Beyond Cybersecurity: Protecting Your Digital Business is an essential resource for business leaders who want to protect their organizations against cyber-attacks.
Quotes from Beyond Cybersecurity:
“It is impossible to have an intelligent perspective on how well a cybersecurity function performs without understanding what it needs to protect.”
“Nobody has yet developed a robust, usable, generally applicable model for the expected economic impact of different types of cyberattacks.”
“Knowing how to respond to a cyberattack is not a question of having good instincts. It needs to be learned and embedded.”
“In a world where nobody can eliminate breaches, it becomes especially important to contain the attacker’s ability to move from one infected node of a technology network to the next.”
“Almost everyone told us that security is often the bottleneck to implementing new technologies.”
“When ‘everything is digital,’ private, public and civil institutions become more dependent on information systems.”
“Cybersecurity is first and foremost a risk management function – there is no way to prevent all cyberattacks from happening.”
14 – Hacking Innovation | By Josh Linkner
According to getAbstract, “Josh Linkner describes the twisted mindset and tactics of criminal hackers. He engagingly persuades you to change your attitude toward hacker techniques like crowdsourcing, rapid experimentation, reverse engineering, and mash-ups by showing how executives and entrepreneurs can use them to achieve business and social breakthroughs. Even though some suggestions might seem like familiar creative techniques under another name, his ideas offer fresh insights about turning hackers’ methods to good purpose.”
Quotes from Hacking Innovation:
“While hacking can clearly be used for wrongdoing, it can also serve as a powerful model of growth, innovation and success.”
“Hacking is not evil by nature. It is a systematic approach to overcoming obstacles and discovering new possibilities.”
“Hacking is imminently accessible no matter your age, race, rank, gender, education, background or political views. Hacking is the great equalizer.”
“Though men like [Alan] Turing…have the headlines in most of the accounts of Bletchley, of the 10,000 or so total people who worked there…about 75%…were women.”
15 – The Butterfly Defect | By Ian Goldin and Mike Mariathasan
The Butterfly Defect addresses the widening gap between the new systemic risks generated by globalization and their effective management. It shows how the dynamics of turbo-charged globalization has the potential and power to destabilize our societies. Drawing on the latest insights from a wide variety of disciplines, Ian Goldin and Mike Mariathasan provide practical guidance for how governments, businesses, and individuals can better manage globalization and risk.
Goldin and Mariathasan demonstrate that systemic risk issues are now endemic everywhere―in supply chains, pandemics, infrastructure, ecology and climate change, economics, and politics. Unless we address these concerns, they will lead to greater protectionism, xenophobia, nationalism, and, inevitably, deglobalization, rising inequality, conflict, and slower growth.
The Butterfly Defect shows that mitigating uncertainty and risk in an interconnected world is an essential task for our future.
Quotes from The Butterfly Defect:
“International organizations have been slow to recognize the fundamental changes in globalization and the nature of systemic risk.”
“Societies ignore systemic risk at our peril.”
“The impact of environmental and other events is affected by population growth and economic growth as well as by government policies that have sought to protect individuals and societies from risk.”
“With the proliferation of management education, there is standardization and shared models of how to deal with risk.”
“Individual and local choices have global impacts and vice versa: What happens outside our borders has direct daily consequences for each of us, every day.”
“Globalization has led to growth in inequality both within countries and between countries.”
“Increasingly the distinction between natural and man-made disasters is being blurred.”
“Environmental instabilities can trigger broader systemic risks in food systems, health systems and, as we see in the case of climate change, cities and nations.”
16 – The Black Swan | By Nassim Nicholas Taleb
A black swan is a highly improbable event with three principal characteristics: It is unpredictable; it carries a massive impact; and, after the fact, we concoct an explanation that makes it appear less random, and more predictable than it was. The astonishing success of Google was a black swan; so was 9/11. For Nassim Nicholas Taleb, black swans underlie almost everything about our world, from the rise of religions to events in our own personal lives.
Why do we not acknowledge the phenomenon of black swans until after they occur? Part of the answer, according to Taleb, is that humans are hardwired to learn specifics when they should be focused on generalities. We concentrate on things we already know and time and time again fail to take into consideration what we don’t know. We are, therefore, unable to truly estimate opportunities, too vulnerable to the impulse to simplify, narrate, and categorize, and not open enough to rewarding those who can imagine the “impossible.”
For years, Taleb has studied how we fool ourselves into thinking we know more than we actually do. We restrict our thinking to the irrelevant and inconsequential, while large events continue to surprise us and shape our world. In this revelatory book, Taleb explains everything we know about what we don’t know, and this second edition features a new philosophical and empirical essay, “On Robustness and Fragility,” which offers tools to navigate and exploit a Black Swan world.
Elegant, startling, and universal in its applications, The Black Swan will change the way you look at the world. Taleb is a vastly entertaining writer, with wit, irreverence, and unusual stories to tell. He has a polymathic command of subjects ranging from cognitive science to business to probability theory. The Black Swan is a landmark book—itself a black swan.
Quotes from The Black Swan;
“We respect what has happened, ignoring what could have happened.”
“Put yourself in situations where favorable consequences are much larger than unfavorable ones.”
“Now, I do not disagree with those recommending the use of a narrative to get attention…It is just that narrative can be lethal when used in the wrong places.”
“We misunderstand the logic of large deviations from the norm.”
“Every morning the world appears to me more random than it did the day before, and humans seem to be even more fooled by it than they were the previous day.”
“We humans are an extremely lucky species, and…we got the genes of the risk takers. The foolish risk takers, that is.”
17 – Why They Do It | By Eugene Soltes
Rarely does a week go by without a well-known executive being indicted for engaging in a white-collar crime. Perplexed as to what drives successful, wealthy people to risk it all, Harvard Business School professor Eugene Soltes took a remarkable journey deep into the minds of these white-collar criminals, spending seven years in the company of the men behind the largest corporate crimes in history–from the financial fraudsters of Enron to the embezzlers at Tyco, to the Ponzi schemers Bernie Madoff and Allen Stanford. Drawing on intimate details from personal visits, letters, and phone calls with these former executives, as well as psychological, sociological, and historical research, Why They Do It is a breakthrough look at the dark side of the business world.
Soltes refutes popular but simplistic explanations of why seemingly successful executives engage in crime. White-collar criminals, he shows, are not merely driven by excessive greed or hubris, nor do they usually carefully calculate the costs and benefits before breaking the law and see it’s worth the risk. Instead, he shows that most of these executives make decisions the way we all do–on the basis of their intuitions and gut feelings. The trouble is, these gut feelings are often poorly suited for the modern business world.
Based on extensive interaction with nearly fifty former executives–many of whom have never spoken about their crimes–Soltes provides insights into why some saw the immediate effects of misconduct as positive, why executives often don’t feel the emotions (angst, guilt, shame) most people would expect, and how acceptable norms in the business community can differ from those of the broader society.
Quotes from Why They Do It | By Eugene Soltes;
“We like to believe that our assessments of right or wrong come…from careful and deliberate reasoning. But reasoning isn’t always the impetus for our judgments.”
“If any of the former executives…imagined the younger version of himself peering into the future to observe his later conduct, he would likely be surprised to see the person he had become.”
“China once doled out the death penalty for white-collar convicts, but even with this ultimate punishment looming, executives continued to engage in corporate mischief.”
“With ever-growing psychological distance separating people engaged in commerce, our antiquated moral intuitions are not well designed for the modern business world.”
“By understanding the particular ways misconduct arises, we can endeavor to anticipate these mistakes and design ways to pre-empt them.”
“Only when we realize that our ability to err is much greater than we often think [will we] begin to take the necessary steps to change and improve.”
“White-collar criminal cases generally need to be built by the tedious and laborious accumulation of documentation and the triangulation of facts.”
18 – Owned | By Joshua Fairfield
In this compelling examination of the intersection of smart technology and the law, Joshua A. T. Fairfield explains the crisis of digital ownership – how and why we no longer control our smartphones or software-enabled devices, which are effectively owned by software and content companies. In two years we will not own our ‘smart’ televisions which will also be used by advertisers to listen in to our living rooms. In the coming decade, if we do not take back our ownership rights, the same will be said of our self-driving cars and software-enabled homes. We risk becoming digital peasants, owned by software and advertising companies, not to mention overreaching governments. Owned should be read by anyone wanting to know more about the loss of our property rights, the implications for our privacy rights, and how we can regain control of both.
Quotes from Owned;
“Information about consumers became the currency of the Internet, and commercial surveillance became its funding model.”
“Using the blockchain, we can recreate the power of everyday property in the online context.”
“We should be able to invite people onto the digital equivalent of our front porches but boot them out if they…rummage through the digital equivalent of our refrigerator or bedroom.”
“We own and control fewer and fewer of the products that we must use to function in modern society.”
“The Internet of Things creates an information-linked and information-responsive reality.”
“Technology itself is not the problem. The problem is when our devices serve the companies [that] made them rather than the people who purchased them.”
19 – Identifying and Managing Project Risk | By Tom Kendrick
All projects are inherently risky, and especially complex ones can potentially be the downfall for even the most experienced project manager. From technical challenges to resource issues to overwhelming and unrealistic deadlines to the rarely dependable commitment of your subcontractors, any number of things can go completely wrong–any day of the week! Therefore, perhaps the most essential component of every project manager’s job is the ability to identify potential risks before they cause unnecessary headaches and turmoil all around.
Fully updated and consistent with the Risk Management Professional (RMP) certification and the Guide to the Project Management Body of Knowledge (PMBOK®), Identifying and Managing Project Risk remains the definitive resource for project managers seeking to be pro-active in their efforts to guard against failure and minimize unwanted surprises. From being able to draw on real-world situations and hundreds of examples of those who have gone before them, readers of this third edition will learn how to:
- Use high-level risk assessment tools
- Implement a system for monitoring and controlling projects
- Properly document every consideration
- Personalize proven methods for project risk planning to fit their specific project
- And more
Complete with fresh guidance on program risk management, qualitative and quantitative risk analysis, simulation and modeling, and significant “non-project” risks, this one-stop indispensable resource is what every project manager needs to eliminate surprises and keep their projects on task.
Quotes from Identifying and Managing Project Risk;
“Planning for risk involves paying attention.”
“A lack of technical skills or access to appropriate staff is a large source of project risk for complex, technical projects.”
“Management of risk in projects always involves these tactics – prevention to deal with causes, and recovery to deal with effects.”
“Risks tend to recur in project after project, unless you understand the root causes and do something differently to avoid the problem.”
“Reviewing the records of technical projects, it is striking how many consecutive projects fall victim to the same problems.”
“If an activity is efficiently executed by a team of three people, a team of six will rarely be able to do it in half the time.”
20 – The Failure of Risk Management | By Douglas Hubbard
According to getAbstract, “As capitalist economies careen from one crisis to the next, it’s tempting to believe that risk management is some sort of dark art. Risk consultant Douglas W. Hubbard agrees that the economic collapse of 2008 stained his entire industry. But, he argues persuasively, the problem isn’t that risk-management tools don’t exist or don’t work; the problem is that people too rarely use effective tools. Combining plenty of real-world examples and a clear writing style, Hubbard creates an accessible user’s guide to risk management. To his credit, he doesn’t puff up his own formulation, mentioning it as one of several Monte Carlo approaches. He lays out a strategy that’s easy to follow: Start by adopting a skeptical mindset, invest in some software, then devote time and energy to gauging the chances that ‘something bad could happen.’”
Quotes from The Failure of Risk Management;
“A weak risk-management approach is effectively the biggest risk in the organization.”
“‘How do we know our risk management efforts work?’ should be the single most persistent question of all those who manage risks.”
“When it came to designing a method for assessing and managing risks, these scientists and engineers developed an approach with no more scientific rigor behind it than an ancient shaman reading goat entrails to determine where to hunt.”
21 – Risk Intelligence | By Dylan Evans
The Failure of Risk Management provides effective solutions to significant faults in current risk analysis methods. Conventional approaches to managing risk lack accurate quantitative analysis methods, yielding strategies that can actually make things worse. Many widely used methods have no systems to measure performance, resulting in inaccurate selection and ineffective application of risk management strategies. These fundamental flaws propagate unrealistic perceptions of risk in business, government, and the general public. This book provides an expert examination of essential areas of risk management, including risk assessment and evaluation methods, risk mitigation strategies, common errors in quantitative models, and more. Guidance on topics such as probability modeling and empirical inputs emphasizes the efficacy of appropriate risk methodology in practical applications.
Recognized as a leader in the field of risk management, author Douglas W. Hubbard combines science-based analysis with real-world examples to present a detailed investigation of risk management practices. This revised and updated second edition includes updated data sets and checklists, expanded coverage of innovative statistical methods, and new cases of current risk management issues such as data breaches and natural disasters.
- Identify deficiencies in your current risk management strategy and take appropriate corrective measures
- Adopt a calibrated approach to risk analysis using up-to-date statistical tools
- Employ accurate quantitative risk analysis and modeling methods
- Keep pace with new developments in the rapidly expanding risk analysis industry
Risk analysis is a vital component of government policy, public safety, banking and finance, and many other public and private institutions. The Failure of Risk Management: Why It’s Broken and How to Fix It is a valuable resource for business leaders, policymakers, managers, consultants, and practitioners across industries.
Quotes from Risk Intelligence | By Dylan Evans;
“At the heart of risk intelligence lies the ability to gauge the limits of your own knowledge – to be cautious when you don’t know much, and to be confident when, by contrast, you know a lot.”
“Heuristics don’t always lead to biases; they often work pretty well and only lead us astray under certain circumstances.”
“Worst-case scenarios are compelling because they evoke vivid mental images that overwhelm rational thinking.”
“Almost everyone overestimates how long both good and bad feelings last.”
“Social pressures impact on risk intelligence…from the ways in which information about risks is presented to us to the conventions we use to characterize it.”
“To do a good job of bet sizing, of course, we first have to do a good job of assessing how confident we are – and this is where risk intelligence comes in.”
“The fact that risk intelligence can be developed and improved by means…shows us that it is not a fixed innate mental capacity, such as face recognition or locomotion.”
“Another of the powerful but generally subliminal ways in which social pressures affect risk intelligence is the widespread tendency to follow the crowd.”
22 – Single Point of Failure | By Gary Lynch
Over the past decade organizations have faced relentless customer demand for better value at less cost, individual customization, greater choice, faster delivery, higher quality, exceptional service, and more recently – increased environmental and social consciousness. The organization’s weapon of choice to address this increasing demand has been the supply chain. However, as the supply chain footprint changed (e.g. outsourcing, off-shoring, and customer/vendor empowerment) so did the organization’s exposure to uncertainty. Organizations were taken by surprise since this exposure was unanticipated, complex, and beyond their ability to manage. As customers become more demanding and change occurs at an even greater pace, supply chain risk continues to propagate like a parasite. Organizations and societies are at a much greater risk of systemic failure because of the massive interdependency throughout global supply chains. The priority now is two-fold; play catch-up and address these massive gaps while deploying more intelligent and integrated strategies (i.e. social awareness, instinctive, dynamic, and predictive) for dealing with continuous change.
Single Point of Failure: The 10 Essential Laws of Supply Chain Risk Management uses analogies and dozens of case histories to describe the risk parasite that infects all supply chains while revealing methods to neutralize that parasite. The book addresses the questions: What are the “single points of failure”? How exposed are customers, investors, other stakeholders and ultimately the organization? What is the measurable impact (i.e. brand, financial, strategic, and non-compliance)? Who establishes the “risk paradigm”? How does the organization efficiently and effectively allocate precious resources – time, people, management attention, and capital? How is success measured? This book is both technically powerful and effectively realistic, based on today’s complex global economy.
Quotes from Single Point of Failure;
“Risk doesn’t exist at a distant port or in a warehouse in another country; it is everywhere.”
“Risk is a parasite that resides in every process.”
“Many pharmaceutical executives may not even realize that their suppliers consist of hundreds of extremely small, poor and uncontrolled pig farms in rural third-world regions.”
“The identification, quantification and mitigation of risks is a detailed, tedious and unrewarded exercise.”
“A widespread assumption…is that second- and third-tier manufacturers somehow magically adhere to mandated risk management practices. The simple truth: They do not.”
23 – Surviving and Thriving in Uncertainty | By Frederick Funston and Stephen Wagner
The ability of businesses to survive and thrive often requires unconventional thinking and calculated risk-taking. The key is to make the right decisions―even under the riskiest, uncertain, and turbulent conditions.
In the new book, Surviving and Thriving in Uncertainty: Creating the Risk Intelligent Enterprise, authors Rick Funston and Steve Wagner suggest that effective risk-taking is needed in order to innovate, stay competitive, and drive value creation.
Based on their combined decades of experience as practitioners, consultants, and advisors to numerous business professionals throughout the world, Funston and Wagner discuss the adoption of 10 essential and practical skills, which will improve agility, resilience, and realize benefits:
- Challenging basic business assumptions can help identify “Black Swans” and provide a first-mover advantage
- Defining the corporate risk appetite and risk tolerances can help reduce the risk of ruin.
- Anticipating potential causes of failure can improve chances of survival and success through improved preparedness.
- Factoring in velocity and momentum can improve the speed of response and recovery.
- Verifying sources and the reliability of information can improve insights for decision making and thus decision quality.
- Taking a longer-term perspective can aid in identifying the potential unintended consequences of short-term decisions.
Quotes from Surviving and Thriving in Uncertainty;
“The proper aims of risk management in business are to preserve existing value and to enable the creation of new value.”
“If you really want to learn what is going on in a company, spend time in the employee cafeteria. That’s where the truth is.” (Bob Eckert, chairman and CEO, Mattel, Inc.)
“Efforts to achieve security by standing still, hunkering down or attempting only that which has been attempted in the past will not produce security.”
24 – Cybersecurity and Cyberwar | By P.W. Singer and Allan Friedman
A generation ago, “cyberspace” was just a term from science fiction, used to describe the nascent network of computers linking a few university labs. Today, our entire modern way of life, from communication to commerce to conflict, fundamentally depends on the Internet. And the cybersecurity issues that result challenge literally everyone: politicians wrestling with everything from cybercrime to online freedom; generals protecting the nation from new forms of attack, while planning new cyberwars; business executives defending firms from once unimaginable threats, and looking to make money off of them; lawyers and ethicists building new frameworks for right and wrong. Most of all, cybersecurity issues affect us as individuals. We face new questions in everything from our rights and responsibilities as citizens of both the online and real world to simply how to protect ourselves and our families from a new type of danger. And yet, there is perhaps no issue that has grown so important, so quickly, and that touches so many, that remains so poorly understood.
In Cybersecurity and CyberWar: What Everyone Needs to Know, New York Times best-selling author P. W. Singer and noted cyber expert Allan Friedman team up to provide the kind of easy-to-read, yet deeply informative resource book that has been missing on this crucial issue of 21st-century life. Written in a lively, accessible style, filled with engaging stories and illustrative anecdotes, the book is structured around the key question areas of cyberspace and its security: how it all works, why it all matters, and what can we do? Along the way, they take readers on a tour of the important (and entertaining) issues and characters of cybersecurity, from the “Anonymous” hacker group and the Stuxnet computer virus to the new cyber units of the Chinese and U.S. militaries. Cybersecurity and CyberWar: What Everyone Needs to Know is the definitive account on the subject for us all, which comes not a moment too soon.
Quotes from Cybersecurity and Cyberwar;
“Indeed, we are so surrounded by computers that we don’t even think of them as ‘computers’ anymore.”
“To cause true damage entails an understanding of the devices themselves: how they run, their engineering and their underlying physics.”
“The Internet that we’ve all grown to love and now need is increasingly becoming a place of risk and danger.”
“Cybersecurity is one of those areas that has been left to only the most technically inclined to worry their uncombed heads over.”
“Our most senior leaders, now in their 60s and 70s, likely did not even become familiar with computers until well into their careers and many still today have only the most limited experience with them.”
“Security costs money, but it also costs time, convenience, capabilities, liberties, and so on.”
“Cyberspace is so difficult to define…not only in its expansive, global nature, but also in the fact that the cyberspace of today is almost unrecognizable compared to its humble beginnings.”
25 – Fundamentals of Enterprise Risk Management | By John Hampton
Risk in business cannot be avoided–but that doesn’t mean there isn’t a better way to work through it. The problem is, most risk management strategies, books, and experts are based on outdated concepts, technologies, and markets. Since the 2008 financial crisis that set the baseline for the roller-coaster market we deal with today, combined with the constantly changing developments in technology and communications, modern-day risk management demands dealing with up-to-the-minute approaches for defending against threats–and seizing opportunities just as quickly. Extensively updated, the second edition of Fundamentals of Enterprise Risk Management examines the latest technologies such as Riskonnect and High Tech Electronic Platform (HTEP) and helps readers recognize both internal and external exposures, understand crucial concepts such as risk mapping and risk identification, and align risk opportunities with their organization’s business model. Packed with practical exercises and fresh case studies from organizations such as IBM, Microsoft, Apple, JPMorgan Chase, and Sony, this one-stop guide provides readers with the tools and information they need to keep their twenty-first-century organizations as blissfully risk-free as possible.
Quotes from Fundamentals of Enterprise Risk Management;
“Enterprise risk varies with the line of business, the nature of the entity, political and economic issues, and other factors.”
“Is risk management an art or a science? Taleb says it is an art because execution is involved. We can replicate scientific efforts. Risk management varies with each challenge.”
“A graphic presentation of risk in a hierarchical structure significantly enhances our understanding of enterprise risks and their relationships.”
“External risks are largely uncontrollable, as they arise from the competitive environment, economic factors, acts of regulatory bodies and other outside sources.”
“Organizations must implement ERM to prove its value, but management often expects the value to be proven prior to implementation.”
26 – How Risky Is It, Really? | By David Ropeik
International risk expert David Ropeik takes an in-depth look at our perceptions of risk and explains the hidden factors that make us unnecessarily afraid of relatively small threats and not afraid enough of some really big ones. This read is a comprehensive, accessible, and entertaining mixture of what’s been discovered about how and why we fear―too much or too little. It brings into focus the danger of The Perception Gap: when our fears don’t match the facts, and we make choices that create additional risks.
This book will not decide for you what is really risky and what isn’t. That’s up to you. HOW RISKY IS IT, REALLY? will tell you how you make those decisions. Understanding how we perceive risk is the first step toward making wiser and healthier choices for ourselves as individuals and for society as a whole.
Quotes from How Risky Is It, Really?;
“Any risk feels bigger if you think it could happen to you.”
“A thousand fearful images and dire suggestions glance along the mind when it is moody and discontented with itself. Command them to stand and show themselves, and you presently assert the power of reason over imagination.” (Sir Walter Scott)
“When we get risk wrong, when we are more afraid or less afraid than the facts suggest we need to be, the Perception Gap becomes a risk in and of itself.”
“We have evolved to be afraid of the dark. For most of human history, the dark was a time when we were in the food chain, not at the top of it.”
“If there is a benefit, we play down any associated risk in order to get it. If there is a risk, we play down potential benefits in order to protect ourselves.”
27 – Cybersecurity for Executives | By Gregory Touhill and C. Joseph Touhill
- Emphasizes, in a direct and uncomplicated way, how executives can identify, understand, assess, and mitigate risks associated with cybersecurity issues
- Covers ‘What to Do When You Get Hacked?’ including Business Continuity and Disaster Recovery Planning, Public Relations, Legal and Regulatory Issues, and Notifications and Disclosures
- Provides steps for integrating cybersecurity into Strategy; Policy and Guidelines; Change Management and Personnel Management
- Identifies cybersecurity best practices that executives can and should use both in the office and at home to protect their vital information
Quotes from Cybersecurity for Executives;
“The advent of the Cyber Age just presents many of the same type of risks in a different format or means of delivery.”
“As an executive, one of your primary responsibilities is to manage risk to protect your business and create an environment for it to grow and thrive.”
28 – Strategic Risk Taking | By Aswath Damodaran
In business and investing, risk has traditionally been viewed negatively: investors and companies can lose money due to risk and therefore we typically penalize companies for taking risks. That’s why most books on risk management focus strictly on hedging or mitigating risk.
But the enterprise’s relationship with risk should be far more nuanced. Great companies become great because they seek out and exploit intelligent risks, not because they avoid all risk. Strategic Risk Taking: A Framework for Risk Management is the first book to take this broader view, encompassing both risk hedging at one end of the spectrum and strategic risk-taking on the other.
World-renowned financial pioneer Aswath Damodaran–one of BusinessWeek’s top 12 business school professors–is singularly well-positioned to take this strategic view. Here, Damodaran helps you separate good risk (opportunities) from bad risk (threats), showing how to utilize the former while protecting yourself against the latter. He introduces powerful financial tools for evaluating risk and demonstrates how to draw on other disciplines to make these tools even more effective.
Simply put, Damodaran has written the first book that helps you use risk to increase firm value, drive higher growth and returns, and create a real competitive advantage.
Quotes from Strategic Risk Taking;
“The key to success lies not in avoiding risk but in taking advantage of the opportunities it offers.”
“The essence of risk management is…deciding which risks to exploit, which ones to let pass through to investors, and which ones to avoid or hedge.”
“There seems to be clear evidence that human beings collectively are risk averse, and they become more so as the stakes become larger.”
“Unlike risk hedging, which is viewed as the job of the finance function, risk management should be on the agenda of everyone in the firm.”
“There is surprisingly little empirical support for the proposition that hedging adds value.”
Final Thoughts on the Best Books on Risk Management
In the past few decades, the Risk Management profession has been steadily growing. The field is now a necessity in today’s globalized world, as organizations are facing an unprecedented number of risks due to factors such as: technological innovation and proliferation, globalization and deregulation, complexity and interconnectedness, and rapidly changing stakeholder expectations.