Threat Intelligence: How Bad Info Hurts Your Safety Efforts
Information is the foundation of effective safety procedures, but only if it’s reliable. In this article, we’ll show you what good intelligence looks like and how it improves emergency responses.
On December 6, 1941, a U.S. Army intelligence attache in Indonesia sent a message to his superiors in Washington. The message was a warning: Dutch intelligence had managed to crack an Imperial Japanese code which revealed a plan to declare war on the United States. This message was then sent up the chain of command all the way to the President. Immediately after doing so, the Chief of Staff of the Army alerted the commanders of the Hawaiian and Philippine forces of a potential impending attack. However, due to the sensitive nature of the message, it had to be sent via secure wire and required translators to relay the contents, among other practical and security restrictions. Even worse, many people who could have helped were not working since it was during the weekend.
The messenger reached The Office of the Commanding General in Hawaii at 2:58 pm on December 7, but the Japanese aerial raid on Pearl Harbor had ended hours before. More than two thousand servicemen lost their lives that day and thousands more were injured. Additionally, 18 ships and 188 planes were lost, all because the right information wasn’t given to the right people at the right time.
Throughout history, there are numerous examples of bad or delayed intelligence creating unforeseen consequences. It’s tempting to think of these issues as past events solved by modern advancements in technology; however, businesses today face a growing issue related to misinformation that many experts believe requires a new approach to intelligence monitoring and gathering.
In this article, we’ll cover the basics of threat intelligence, why gathering accurate information is critical for businesses, and discuss best practices as well as common mistakes to avoid. With this foundation, you’ll be able to protect your business from the dangers of intelligence failures and keep your employees and operations safe.
What Is Threat Intelligence?
Threat intelligence refers to information organizations can use to identify and assess risks with the potential to impact their people or operations. This information can then be used to help avoid problems and avert disaster.
In a business setting, threat intelligence can include everything from a hurricane warning to a notification about planned outages. Businesses typically leverage a wide range of open source intelligence (OSINT) data feeds to capture this information, but generally, trusted experts like local authorities or a weather service are preferred. These sources can share their information through a wide range of platforms: Twitter, RSS feeds, press releases, and the local news.
Information spaces like Twitter and RSS feeds can be great for threat intelligence, but there is always the potential that they can lead to information overload. For example, you might follow a local weather organization’s RSS feed to know when your business will have to deal with inclement weather. If this weather organization covers multiple states, there’s a good chance that many of their alerts are not relevant to your business or your people.
You want to make sure that you can find the relevant information for your business without becoming overwhelmed by unnecessary information. Some businesses use a threat intelligence system to filter through and verify the information for them.
Why Is Good Intel Important?
You can have the best emergency procedures in place, a team trained on crisis response and planning, and the best communication system possible. But if nobody knows of an impending alert or has the wrong information about an emergency, none of those systems will be able to work effectively. By the time those impacted are aware of what’s going on, it might be too late to get your emergency response machine chugging. Reliable threat intelligence is vital to ensuring the best possible outcomes whenever your business faces a dangerous or impactful scenario.
How Intelligence Can Fail
If you want to respond to emergencies promptly and effectively, many elements of your threat intelligence setup need to perform flawlessly. Unfortunately, there are a few common mistakes you’ll want to avoid when designing your threat response plans.
Your threat intelligence sources should be reputable and authoritative. For example, it’s probably not a good idea to include private Twitter users in your list of intelligence sources as they don’t have any obligation to ensure their information is correct.
You should always double-check your threat intelligence or use a system that verifies sources when possible. For example, when tracking the impact of a nearby protest, Twitter can be a great source of up-to-the-minute info, but it must be corroborated by another third party before you start to form your plan around what you heard in a tweet.
You need to be able to quickly get your intel in front of the right people. Untimely delivery or hard-to-access alerts dramatically reduce the effectiveness of any threat warnings since your people might not receive (or be able to navigate to) information that would keep them safe.
Your intelligence feeds need to be free from unnecessary information. You don’t want real threats getting lost in the shuffle. For example, if a snowstorm in your county is taking up most of your feed, you may be more likely to miss the single threat of an active shooter near one of your offices buried amongst hundreds of others alerts. Being able to separate the “signal from the noise” will allow you to focus your emergency response efforts on the things that are directly endangering your people.
How to Avoid Bad Intelligence
Despite the myriad things that can go wrong with a threat intelligence system, there are ways to mitigate the common mistakes we outlined above.
First and foremost, work with your team to think critically about which sources are relevant and helpful when it comes to gathering threat intelligence. Only include those which you know you can trust. A good place to start is organizations with a duty to protect and inform your community (e.g., your police department, fire and EMS, trusted media sources, etc.). Be wary of police scanner accounts that listen to emergency services radio frequencies and repost what they hear. Some of these accounts are reliable, but some of them can go dark without any notice, possibly leaving you scrambling to find new sources in the middle of a crisis.
Employee data organization
Quickly and accurately ascertaining which of your people should hear about a particular piece of threat intelligence is key to ensuring good outcomes in your emergency response. During an emergency, you’ll probably have a hard time remembering who needs to hear about what. To counteract this, create lists of your people that reflect their geographic areas, work functions, home office, and any other signifiers you can think of. Then, when you need to send a message to a particular group, you’ll have your contact list ready to go. Some communication systems even allow you to geofence, that is, select a specific portion of a map to restrict your message to only those in affected areas.
Perhaps most importantly, a good threat intelligence system should be easy to use and simple to navigate. During an emergency, you and your team will be frazzled. Fine motor skills and sequential thinking capabilities are most likely diminished, so you won’t want to have to wrestle with your threat intelligence or emergency notification software to receive and share crucial information with your team. Simple systems can be life-saving during a crisis.
Finally, just because you’ve been tasked with managing your company’s threat intelligence system doesn’t mean you have to go it alone. Top-of-the-line threat intelligence systems may include 24/7 support from a monitoring team staffed by professional threat analysts. These teams can supercharge your ability to filter out the insignificant intel from the really important stuff, freeing up some of your valuable time. Additionally, using a reliable emergency notification system can ensure that you get that information out to the right people in time, and keep your employees safe.
How AlertMedia does it
AlertMedia’s mass notification system and threat intelligence monitoring have everything you need to easily track threats to your people and business. With top-tier software, a 24/7/365 monitoring team, and the best customer support in the industry, schedule a demo to see how AlertMedia can help keep your organization safe and informed.