Load low-bandwidth site?

Published: September 20, 2022

Of Black Swans and Worst-Case Scenarios: how humanitarians contend with collateral violence and catastrophic risk

By: Abby Stoddard

Share this:

Every year, Humanitarian Outcomes publishes the latest verified casualty statistics for aid workers globally. This year’s figures reflect the increasing threat to aid workers from random and collateral violence in the face of major combat operations and airstrikes. In this blog, Humanitarian Outcomes’ Abby Stoddard considers why humanitarian organisations struggle to manage risk in the face of uncertainty and the steps to take to prepare for the unpredictability of major warfare.

Just before the 1000kg truck bomb exploded outside the UN headquarters in Baghdad’s Canal Hotel in August 2003, the humanitarians inside were going about a typical workday. Scores of people sitting in offices, lunching in the cafeteria, or meeting with colleagues in the NGO coordination centre were plunged into a scene of chaos and destruction inconceivable a second earlier. To date, this attack has the single highest body count of all incidents recorded in the Aid Worker Security Database.

Every year around the anniversary of the Canal Hotel bombing, now commemorated as World Humanitarian Day, Humanitarian Outcomes publishes the latest verified casualty statistics for aid workers globally. This past year was notable for numerous reasons. First, although the number of reported attacks (268) was slightly lower than in previous years, they resulted in more deaths than in any other year since 2013—with 141 aid workers killed. Second, the localisation of risk continues, with national organisations disproportionately bearing the casualty toll. Third, after Russia’s invasion of Ukraine, preliminary data suggest that the beginning of 2022 may have been an inflexion point: a humanitarian sector that has long focused its security risk mitigation measures on targeted violence by non-state armed groups and criminals now faces a growing threat of the random and collateral violence that comes with major combat operations and airstrikes.

Moreover, the suddenly plausible risks of a chemical, biological, radiological or nuclear (CBRN) event in Ukraine caused by deliberate or inadvertent military actions have raised the spectre of a potentially catastrophic security incident with unimaginably worse outcomes than the Canal Hotel tragedy.

Managing risk vs uncertainty

All violence is highly context-specific, and the global attack numbers do not obey any general rules, but over 15 years of tracking casualty data reveal certain patterns. For instance, there are usually fewer than six emergency contexts where most violence occurs in any given year. These tend to be the “complex emergencies” where protracted conflict or instability reinforces conditions of chronic poverty and where militias and criminal gangs see aid workers as valuable economic and political targets. Non-state armed groups perpetrate most attacks on aid workers, the most common means of violence is shooting, and the most common location is on the road, in roadblock ambushes.

While challenging and highly dangerous, the violent acts described above are familiar risks for which humanitarian organisations routinely adopt mitigation measures to reduce their likelihood and potential impact. Active acceptance work in communities and negotiation with armed groups are examples of measures to reduce risk, as are curfews, road travel protocols, and protective equipment for people, vehicles, and buildings. But when it comes to collateral violence, such as being affected by airstrikes or other indiscriminate violence, we move from known risks into the realm of uncertainty.

Uncertainty describes the sort of risks that are either hard to foresee and measure, hard to mitigate against or both. Randomness can play a significant role in this difficulty. As one security manager quoted in this year’s Aid Worker Security Report put it, “randomness (and stupidity) are the hardest things to mitigate for.” While the aid sector has made great strides in security risk management (SRM) and unquestionably improved operational security, SRM systems often fail to incorporate uncertainty, focusing instead on the ‘usual’ risks.

A forthcoming paper, ‘Risk Management & Decision Making Under Uncertainty During the Afghanistan Crisis, 2021’, authored by NGO security professionals Araba Cole and Panagiotis Olympiou, explores this problem in the context of the Taliban takeover of Afghanistan last year. Although the eventual accession of the Taliban to power after US troop withdrawal was all but a certainty, the rapidity of the takeover surprised everyone, and aid organisations were sent scrambling, temporarily suspending projects and leaving needy populations in the lurch.

Arguably, the principles underpinning SRM frameworks run directly counter to incorporating uncertainty because logic dictates that you should focus your limited attention and resources on the likeliest risks. While targeted violence gives you a focal point to negotiate with or avoid, randomness deprives you of this. Shelling and rocket attacks are an example. Apart from not working within the range of these weapons (which is a path most organisations choose, to the detriment of civilian victims of war), it is difficult to design mitigating measures against being struck or trapped in an area under bombardment.[1]

There is a danger, though, that precisely because it is hard and resources are limited, humanitarians are making themselves less resilient to catastrophic risk than they could be if they opened their mental and management frameworks to uncertainty. This is a natural human shortcoming: “We ignore the risks that are hardest to measure, even when they pose the greatest threats to our well-being.”[2]

Peering into the abyss

While the term “black swan” is increasingly used to refer to something that is just very unlikely or unexpected, in its truest sense, it is an event that, prior to its occurring, was not even imagined (the “unknown unknown”, as Donald Rumsfeld famously put it.) Short of these are the terrible things that we know are possible but are so far outside the norm or so daunting to think about that we put them out of our minds. It is this latter category of events that now looms in Ukraine.

Early consultations with the security managers for humanitarian organisations working in Ukraine made clear that no organisation has undertaken credible planning or preparedness for a major CBRN event beyond stocking limited supplies of potassium iodide tablets and even more limited numbers of hazmat suits. The threat of a major attack or accident of this nature is so overwhelming that humanitarian organisations can muster little more than these token gestures and a fatalistic shrug.

How to start thinking about the unthinkable

It may seem unfair to expect more from aid groups in Ukraine that are already hard-pressed to set up extraction or hibernation plans for the likelier risks of having staff trapped by shelling or rocket attacks. But the recent perilous situation around the Zaporizhzhia nuclear power plant has already shifted the probabilities in ways that demand attention. The Cole and Olympiou paper makes a strong case for SRM practices to incorporate uncertainty through expanded scenario planning that is built into continuous organisational processes and allows for thinking about events from a broader range of what is plausible and possible relative to unfolding events. When done routinely, “without the peril of alarmism or panic,”[3] this kind of advanced thinking promises to make organisations more resilient, flexible, and responsive when different risks materialise.

Echoes of the authors’ suggestions are visible in the principle of Bayesian analysis used by forecasters and prediction modellers. Put simply, this means continually updating your prior understanding, and probability assessments as each new piece of evidence emerges. Bayesian models are better suited to the fluidity of the real world because they insist we keep our eyes open to the possibilities we would rather ignore.

The current humanitarian SRM model may be ill-suited to dealing with the randomness and uncertainty inherent in major warfare. Still, like all models, it will fail when treated as fixed and followed too rigidly. In other words, when people “mistake the map for the territory” and become blind to potentialities outside what the model considers the most likely. Making SRM more expansive, incorporating wider ranges of possible scenarios, can help humanitarians begin to think of ways to respond to the worst-case scenarios that, hopefully, they will never face.


About the Author

Abby Stoddard, PhD, is a researcher and author with over 20 years’ experience working in the international humanitarian sector. At Humanitarian Outcomes she has designed and led independent research programmes and created unique data assets, including the Aid Worker Security Database and the Global Database of Humanitarian Organisations. Her latest book is Necessary Risks: Professional Humanitarianism and Violence Against Aid Workers (Palgrave Macmillan, 2020).


[1] Deconfliction with warring parties seems to hold little promise. In Syria, deconfliction measures were unreliable at best, hazardous at worst, as Russian and Syrian militaries were seen to act in bad faith and strike at humanitarian convoys and first responders.

[2] Silver, Nate. The Signal and the Noise: Why So Many Predictions Fail-but Some Don’t (p. 20). Penguin Publishing Group. Kindle Edition.

[3] Cole, A. and Olympiou, P. (2022).  Risk Management & Decision Making Under Uncertainty During the Afghanistan Crisis, 2021.


Image credit: Rafal Kostrzyński/UNHCR


The Afghanistan Crisis of 2021: a Black Swan?

This post is part of a wider ongoing project on risk management, crises and decision-making under uncertainty in the NGO security risk management community, through the lens of the Afghanistan Crisis. 

Asia 2022

Aid Worker Security Report 2022 – Collateral violence

This year’s report presents the latest verified statistics on attacks against aid workers. The report also examines the type of security incidents that involve what is often called collateral damage, which includes airstrikes, shelling, landmines, unexploded ordnance and other remnants of war, and crossfire. These forms of attack can be…

All Report 2022