The sheer volume of information generated by hostile actors can be difficult to sift through. For most organisations, the first solution is usually a technological one. Head of Protective Intelligence, Michael Lubieszko, explains why this is not enough to deliver actionable intelligence - and what you need in place instead.
The volume of data generated every minute is staggering. In 2020, across a 60-second period, approximately 41 million messages were shared by WhatsApp users, 347,000 stories were posted onto Instagram, and 150,000 messages were shared by Facebook users. The latest estimate suggests 2.5 quintillion bytes of data is created each and every day – and 90% of the world’s data has been created in the last two years alone.
But data alone has no inherent value to corporate security professionals. It needs to be transformed into insights to realise its full potential. So how do you leverage these rich seams of data to spot contemporary or emerging threats against you and your organisation, and how do you do this with a high degree of confidence and agility in order to deliver the intelligence necessary for your executive board to make effective strategic decisions?
In essence, how do you consistently sift through the noise to find what matters to you?
Data is… just data
Your first solution is likely to be a technological one. The marketplace is awash with automated scraping tools that promise to identify, extract and deliver information. And many of them do this job well, plugging in pre-determined boolean regular expressions to drag back information from myriad sources or through cunning exploitation of API accesses.
But a technological solution alone is not the panacea it purports to be. Crawlers will break. They need perpetual maintenance to adapt to changes in HTML structure, content layout or API access. And ultimately, some websites simply don’t want to be scraped.
Even if you do deploy an automated scraping tool, you must be fully aware of its limitations – in the same way that the Butler Review stressed the importance of understanding the limitations of intelligence. Despite presenting a smart interface, the data scraping can still be blunt and unwieldy and require a huge input of time and resources in order to bring back relevant information.
Regardless of the level of skill wielded, a data scraping tool still does not provide anything other than data. And that data still then needs to be transformed into insights and actionable intelligence in order for it to assist with decision-making. For you and your team, this can be a time-consuming drain on resources.
The limits of human input
If technology isn’t the solution, how about a team of geopolitical analysts? Academic understanding of terrorist groups, their targets, tactics and inner workings has never before been so comprehensive, thanks partly to the volume of material actively shared by these groups and actors across social media platforms. But a contextual understanding of geopolitics does not always translate exactly to the specific threats facing you and your organisation and ultimately the end product that you place in front of your decision-makers.
And someone still needs to collect and monitor the data. The simply unimaginable volumes cannot be confidently exploited by a team of analysts alone.
So, how can you sift through the noise effectively and efficiently and unlock the value in that data?
A hybrid solution
The solution is straightforward: to hunt down, assess and monitor threats against your organisation effectively, you must combine human agency and world-class automation. The automation allows vast amounts of data to be collected quickly; and a team of expert analysts can transform this raw information into actionable intelligence on your behalf, saving you time, cost and resources.
At Dragonfly, we call this Protective Intelligence. This bespoke, human-led solution delivers actionable assessments that help you understand and mitigate your specific threat landscape.
The blended approach of human agency and automation is inherent in, and guides, all stages of our process. And it’s all underpinned by robust intelligence methodology, extensive subject matter expertise and practical experience of assessment gained from working in police, government and military intelligence communities.
For example, we use world-class automation tools to mine data, which – combined – are often beyond the reach of even well-resourced organisations. But our team of intelligence analysts defines bespoke collection requirements, applying human expertise to the process in order to produce more relevant results. One client in the extractive space, for example, asked us to monitor threats against more than 15 physical locations. We used our geolocation capabilities to direct our collection resources to cover those sites, and working with the client deliberately targeted forums and channels frequented by extremists who were of most interest to them.
Our team then provides the assessment, the “so what” which no computer can give you. This includes evaluating context and determining source reliability before applying structured analytical techniques to assess the intent and capability of threat actors, and how different scenarios could progress in future. So the reports you receive don’t present disparate information, as you get from a web crawler; instead they deliver the actionable, timely, forward-looking insights you need to take well-considered operational decisions.
The intelligence you receive is easy to understand, firmly grounded in context, and deliberately written to inform your decision-making process. We tell you only what matters to your organisation, working with you to understand what you want to know.
Get the precise intelligence you need to protect your organisation
As your threat landscape and needs evolve, we adjust, so we are always aligned on what is considered “noise” and what intelligence meets your reporting thresholds. For example, after delivering a baseline assessment, we stopped regular reporting on the actions of a protester demonstrating regularly in front of the headquarters of a global NGO, as at the time he did not pose a credible threat. However, we continued monitoring him to ensure our assessment remained valid, and when his activities became more sinister, we alerted the organisation so they could take decisions around how to handle him and his new threat vector.
And if you’re really pressed for time? Every report starts with an intelligence summary, highlighting the key points, so you can not only access them quickly but also convey them easily to senior decision-makers.
All this saves you time, because you or your team no longer have to do the collection and analysis yourself. Rather, you can focus on taking proactive operational decisions and more strategic issues. You save on costs, accessing a rich array of world-class tools and a highly skilled team with immediate effect.
Most importantly, by combining automation and human agency, we can reduce 2.5 quintillion bytes of data to the precise intelligence you need to protect your people, your brand and your assets, to the exclusion of all else. Finally – you’ve sifted through the noise.
Book your complimentary ‘Filter the Noise’ strategy session
Like many corporate security professionals, you too may find it difficult to sift through the sheer volume of information generated by hostile actors, leaving you struggling to identify credible threats in a timely manner and too often, distracted by urgent but ultimately insignificant ‘noise’.
If so, we are delighted to offer SIAS clients a complimentary ‘Filter the Noise’ strategy session with our head of Protective Intelligence, Michael Lubieszko.
During this valuable session, Michael will work with you to identify concrete steps you can take to refine your current intelligence process, helping you to focus on the threats that really matter to you and to extract value from the data you’re collecting.
Together, we will:
- Review your current intelligence process to identify any gaps and suggest potential solutions
- Map out what an ideal intelligence process looks like for your organisation
- Discuss how to apply the whole of the intelligence cycle to your security problems – sharing the most important lessons we’ve learned working with corporate intelligence teams just like yours
- Pinpoint the single most important intelligence product you need in place to stop fighting security fires, and instead be more informed about the threats and decisions you need to take
At the end of the session, we will also explain how we can reduce the noise on your behalf, monitoring, identifying, analysing and assessing threats to your organisation through our Protective Intelligence service. If this is of interest, we’ll discuss next steps. Or if you prefer to manage your intelligence process yourself, we’ll still leave you with excellent advice on how to protect your people and your brand.
Click here to book your ‘Filter the Noise’ strategy session now