I think that everyone in the security and risk-related industries agrees that 2017 is proving to be a time of greatly elevated risk for everyone. A string of devastating hurricanes in the Atlantic, major earthquakes in Mexico, ongoing terrorist attacks globally, and unstable political situations in several countries all contribute to a scenario where, if you are not prepared, you should be.
Doom and gloom is not the whole story, of course, but being prepared for the worst means that you can operate with a bit less worry and be more confident that you can cope with disaster should it strike. It makes good sense on a personal level, for example, for any traveler to a) first check government web sites for any warnings or cautions about the location they are traveling to, b) survey any hotel room for cleanliness, bedbugs, and nanny cams (this one has popped up in news feeds too often lately for my comfort!), and c) try not to make themselves a conspicuous target.
For businesses or organizations, the to-do list is a little more complex: a) review what you have (inventory, ownership of assets, etc.), b) determine your risk profile/exposure and tolerance (Business Impact Assessment, HVA, etc.), and c) build or refresh your Business Continuity Plan, Disaster Recovery Plan, Crisis Management Plan, Emergency Response Plan, and whatever other plans you have or may require. After all that, rehearse those plans to ensure they work the way you think they will.
I always recommend using qualified and certified resources to help with planning for the worst. Look for your supporting resource to have certifications from the Disaster Recovery Institute, ISO, or similar qualifications that you can verify. Experience in building plans is also essential: anyone can pull a sample template off the Internet, but a bunch of paper is not much use in a real emergency or disaster.
Anthony English, with Mariner Innovations, is one of the top cybersecurity professionals in Atlantic Canada. Anthony has extensive Canadian and international experience in cybersecurity covering risk assessment/management/mitigation, security testing, business continuity, information security management systems, architecture security reviews, project security, security awareness/lecture/presentation, and standards-based compliance.