Don't confuse complexity with sudden, acknowledgement or increased awareness.

An increasing number of headlines and narratives speak to growing 'complexity' within the modern world. 

No doubt, you have seen them...

Especially in marketing and 'buy me' articles and websites. 

"In an increasingly complex world..."

"In a world that is ever more complex and dynamic..."

These phrases and expressions are increasingly present when discussing or considering security and risk management.

Is it more complex?

Are others simply more "aware"? 

Or, are there those that now acknowledge that there is simply "more to it"?

Complexity has been around for a long time. 

Ignorance has been around longer. 

Science and evidence-based decision making is relatively new on the scene for humankind. 

Moreover, positivist approaches are neither widespread, consistent or universal; further clouding the real issues. 

Furthermore, it can be frustrating to learn about something new, only to find that there is more and more and even more again to learn on the subject. 

It can seem a never-ending process. 

Because it is.

See the Dunning-Kruger Effect for more on this issue. 

Ideology, world view, education, community, perception and cognition will all feature. 

The point being; those espousing 'increased complexity' maybe repurposing the requirement for you to learn more and understand that there are multifaceted factors to consider. 

Especially in affairs related to transnational and global security or risk management. 

Some are just marketing to you and want you to buy their stuff. 

The two are not immediately identifiable or mutually exclusive. 

Your acceptance of the proposition that there is more to learn is both an opportunity to learn...and to be exploited. 

"Buy this book". 

"Take up this subscription". 

"Consume our consulting services, advice, membership and all that we sell". 

Are examples of marketing, exploitation and manipulation. 

Here's a topic; here is what I found; this is what I think; these are my recommendations/findings based on the whole process; including peer review and transparency. 

Are examples of education and the scientific method. 

Take the time to understand which one is which. 

Take the time to identify which broad category the 'narrative', product or content in front of you falls into. 

You may find that the complexity was always there; devoid of your interest and awareness. 

Over time, you may find things are less complex; especially with quality education, advice and transparency. 

Unfortunately, the endless availability, verification, consideration and consumption of knowledge, information and advice is required; if you thought you could avoid it.

Life long learning will reduce complexity, but there will always be things you don't know or leave you vulnerable to marketing, exploitation or manipulation. 

Models, frameworks, theories and empirical evidence are signposts for academic, scientific and evidence-based application of knowledge. 

Standards, "bespoke methods" and company/branded approaches are not.

Don't despair, we are not alone, and this is not a new frustration. 

Throughout human history, philosophers, renaissance men, authors and scientists have lamented that education and knowledge are not gifted to anyone. 

"Education is the kindling of a flame, not the filling of a vessel."― Socrates

"The more I read, the more I acquire, the more certain I am that I know nothing."― Voltaire

"Education: the path from cocky ignorance to miserable uncertainty."― Mark Twain

?

"Your assumptions are your windows on the world. Scrub them off every once in awhile, or the light won't come in."― Isaac Asimov

Security and risk management is no different. 

Complexity has always been there, and yes, the scale is expanding, but it can't be simplified into the odd memo, email or alert. 

This is the paradox of transnational and global security risk management. 

In addition to the double intangibilities of 'security'. 

"Potential consumers of security are faced with the intangibility of risk (the problem of knowing precisely how at risk they are and from what source) as well as the intangibility of protection (the problem of knowing whether the good or service on offer can or will mitigate that risk)." 

Loader, I. Goold, B. Thumula, A. (2015) 'Grudge spending: the interplay between markets and culture in the purchase of security' The Sociological Review, 63 (4), pp. 858-875.

Tony Ridley

Enterprise Security Risk Management and Security Science.