High profile executives and VIPs are more likely to receive threats of violence, be at the centre of negative online noise, and to be the target for both cyber and physical attacks. This, when paired with their busy schedules (which often involve travel), makes staying ahead of potential threats a particular challenge for their security teams. 

Attackers have a variety of reasons and goals for targeting executives and VIPs. It could be anything ranging from a reaction to company layoffs, to kidnapping for ransom. Whatever the reason though, security teams need to be able to spot the threats, understand the motives, and implement an effective response in a timely fashion.

In this article, we take a look at 6 key ways Signal OSINT is used today by customers to advance protection measures for high profile executives.

How Can Signal OSINT Improve your Executive Security?

Discover private information published online

There are several reasons that an individual might publish private information online. Often, it is in anger or as some form of revenge. The kind of information that has been found published online includes: names, email addresses and logins, physical address, details about an executives families, passport details, medical information, credit card and bank details, and SSN’s.

Having such information leaks opens up an executive to a wide range of potential threats. As a security professional, it is vital to know if and when there is a data breach so that the threat can be neutralized. The longer data is available online the more risk there is. For example, if card details are discovered online the bank can be contacted and the card cancelled.

Read: Detecting and Mitigating the Risks of Data Breaches 

Identify direct threats

Sometimes threat actors are more direct in the way they threaten executives. This could, for example, be a direct threat of violence through an email, instant messaging service or public forum like social media. While the majority of such threats come from so-called “keyboard warriors” there are some which will require further attention and action. 

For example, discussions might be uncovered on the dark web forum with details of a planned attack on an executive. With the prior knowledge of the attack action can be taken to reduce the associated risks.

One way to differentiate between someone that is simply venting their anger on a public forum and someone who genuinely might take action is to look for repetition of negative sentiment.

Emotional analysis

Emotional analysis gives data extra context which allows it to be better understood enabling a more effective and accurate response to the potential risks. 

It also allows you to differentiate between when a negative comment is simply that, a negative comment, or when it needs more serious attention, for example, it’s evolving into a physical threat.

Read: When Does Negative Sentiment Become a Threat? 

Misinformation is spreading about an executive

The spread of disinformation is problematic on a number of levels. For example, throughout COVID-19 misinformation has been spread regarding the virus, it’s root causes and best prevention practices. This has harmed efforts to curtail and control it. Another recent example is the role of misinformation in the 2016 US election. 

There are numerous reasons that individuals and organizations spread misinformation, it could be part of a phishing campaign or an international political assault, for example. Whatever the reason the results are almost always harmful. When an individual spreads misinformation around a CEO or other executive there are real ramifications for brand and reputation which need to be managed.

To combat misinformation organizations need to be equipped with the right tools and understand both what they’re looking for, and the reasons for spreading misinformation.

Disruptive events are planned which could prove a threat to executives.

Events such as protests planned at or near an office or manufacturing location could present logistical problems and delays as well as potentially devolve into riots which would represent a physical threat. Having intelligence on the events and any salient information regarding individuals or groups looking to create trouble will allow you to take appropriate precautionary measures and prevent a threat from escalating.

Travel risks

All travel comes with some inherent risk. However, it is more pronounced for executives who are at increased risk due to the regularity of their travel and high profile.

Additionally, events like extreme weather or terrorist action may make a destination unsafe. As such, having an OSINT solution such as Signal offering an early warning of any particular dangers will enable you to plan alternative routes and otherwise avoid high risk scenarios.

Read: 4 Aspects of Effective Executive Travel Risk Management 

Early warnings with real-time data

Using Signal you can create customized alerts filtered via specific keywords, phrases or even locations. We also have a built-in translation tool so that data can be searched across languages and automatically translated into your default language.

Additionally, you can run alerts through our emotional analysis tool to determine how much of a threat any particular alert is. Finally, get our optional Sapphire bolt-on and utilise our skilled data analysts to further refine your results. 

This approach allows your leave your intelligence gathering on autopilot and not only effectively reduce costs but vastly increase the scope of your monitoring ability and the overall amount of hyper-relevant intelligence at your fingertips. All of this allows you to gather actionable intel in realtime.

Find out more about Executive Protect with Signal…

There are good reasons why the fictional characters like Varys (Game of Thrones) are so influential in their respective worlds. The more information you have the more you can tailor and optimise strategies for your preferred outcome. However, whereas Varys has to contend with political scheming, assassination attempts and dragons, the modern (and real) world has a much broader plethora of potential attack vectors, many of which were unimaginable just 20 years ago.

Thankfully for security professionals, the broadening net of threats exists in a symbiotic relationship with intelligence sources and security tools. What this means is that while, yes, there are now more threats to contend with, there are also more solutions and tools. For example, artificial intelligence (AI) enables Centaur approaches that far exceed human or machine only results. 

In this article, we take a look at how Open Source Intelligence (OSINT) can be and is being used to arm security teams with the ability to gather and analyse vast quantities of data and then enact effective plans to mitigate damage and even prevent threats. 

What is OSINT?

OSINT, as the name suggests, is data gathered from all publicly (openly) available data sources. These data sources could be anything from government records or archives, online discussion forums, blogs, social media posts, or the comments on those posts. 

OSINT allows you to collect data from all of those sources at once, and because of the sheer amount of information that is shared and discussed continuously on every fathomable topic, it is an incredibly powerful tool. There are billions of historical records and millions more being posted every day. You can use OSINT to identify physical threat made against your organization or executives, discover data breaches, uncover terrorist plots and even get breaking news as it is happening.

In many situations, expert data analysts with OSINT tools can identify malicious actors and discover relationships, information which can be used to enhance a privacy and security plan.

How Organizations use OSINT

The need for organizations to employ OSINT as part of their corporate security processes is becoming increasingly more evident. Interestingly though the use of OSINT has been neither formalised nor widely adopted. It often takes a particular scenario to unfold before they even consider it. 

A common example is a data breach. According to the Ponemon Institute’s 2018 Cost of a Data Breach Study, the average amount of time for a company to detect a data breach was 197 days. More often than not, the organization was not the first to know either. Utilising OSINT allows you to learn of data breaches as soon as discussions begin online, for example, the hacker offers up your data for sale.

This is just one way in which OSINT is used by businesses. The use of intelligence is immensely versatile. You can detect physical threats to assets or staff, determine travel risks, discover brand hazards, secure your social media channels and cybersecurity and more.

Despite the versatility of applications for OSINT tools it still often takes a worst-case scenario for an organization to decide to finally employ OSINT solutions.  

Applications of OSINT as Cyber Intelligence

Most people freely share a large amount of data about themselves. In fact, in this day and age, it’s hard not to share your data. For example, almost everyone has a phone number, this phone number is likely connected with your name, address, date of birth, and email address. It might even be linked with your broadband connection and subsequently your IP address. 

As an example, in 2019 T-mobile had a significant data breach. Thankfully, it appears they spotted and responded quickly, but not before some 1 million records were exposed. They were able to mitigate the damage but not prevent it. Other companies have historically been less quick to respond such as TerraCom and YourTel America who had to pay out $3.5 million USD collectively in damages in 2015 after their data breaches. Organizations also need to remember how everyday activities expose other forms of data such as shopping habits through credit card usage and location through fitness apps. 

Intelligence isn’t just important for detecting breaches or hacks. It is also vital if organizations want to protect their staff from physical threats or from being exploited via phishing scams. For example, a company’s employees will likely all have social media accounts such as a LinkedIn account which details their roles and responsibilities. This information can be paired with information from other social profiles or information shared online and can, when used properly, become valuable intelligence on how an organization runs, who’s responsible for what, and even who a malicious actor should target.

Because of the various methods that security teams can use intelligence to protect a businesses interests having a dedicated team, armed with powerful OSINT tools like Signal, could save them from serious reputational and financial damages.

Examples of threats that Signal OSINT can detect and help protect against

• Counterfeit or stolen property listed online - for example, counterfeit drugs.

• Employee conduct, threats and harassment on social media.

• Frustrated, angry or threatening customer correspondence.

• Merger, acquisition & organizational partnership discussions - this could be important for ensuring smooth operation of the supply chain, for example.

• Sensitive information publicly disclosed – accidentally or intentionally.

• Inaccurate, harmful or out of date information.

• Presence of fake websites, fake invoices or scams targeting customers, staff or the organization - for example, a phishing website made to look like a banking institutes website and designed to encourage users to enter their password combination. 

• Credentials from data breach & compromised accounts belonging the organization.

• Unsavoury relationships, membership or pending court action related to the organization.

The Results of Employing Powerful OSINT Tools

Experienced hackers and cybercriminals will understand the public nature of the channels and as such are likely to attempt to avoid actions that expose their intentions. However, OSINT doesn’t stop at the surface web, tools like Signal can give analysts and security teams access to data from sources such as the dark and deep web and even private dark web forums as well as more obscure surface websites. 

The purpose of OSINT research is to provide teams with a thorough foundation of knowledge. Teams can subsequently use these insights to develop actionable plans to either prevent a threat from fully emerging, or minimise the damages of a current or recent attack.

One of the key issues that security teams and analysts face is the sheer amount of noise which might surround their brand. Invariably much of this noise is irrelevant to their purposes, however, some of it will be bad. This is why Signal assists with advanced filters applying boolean logic as well as features such as our emotional analysis tool.

It is estimated that cybercrime will cost organization a combined amount of upwards of $6 trillion a year. Cybercriminals are getting smarter and to defend networks, predict threats, and protect staff, organizations need increased access to timely intelligence. 

Effective information security requires smarter detection techniques which is why many organizations are incorporating AI-driven solutions and products to enable their security teams. However, even with AI assistance the sheer amount of data to assess is encumbering. Signal offers a multi-faceted approach that incorporates filters using boolean logic, AI analysis, and a human hand.

Getting Actionable Insights in Real-Time

In threat intelligence having timely data means everything! Having hyper-relevant intelligence as or even before events are unfolding could mean the difference of several zero’s. By contrast, acting upon old threat insights that maybe have dated can be counter-productive, or even undermine the purpose of the intelligence.

Automation and AI tools can make all the difference when it comes to constantly collecting fresh data. A threat intelligence platform such as Signal which harnesses automation and AI tools massively expands the potential data sources and amount of data that an organisation is able to effectively and efficiently monitor. As well as enabling security teams to sift through all that data and detect anomalous and potentially dangerous activity.

Reacting fast is vital to mitigating threats, but what is even more effective is preempting potential attacks enabling security teams to take preventative measures. For example, using a dark web scan a security team might discover an exploit package for sale targeting a previously unknown vulnerability. Discovering this exploit pack allows the security team to patch the vulnerability before hackers have a chance to take advantage of it.

Automation isn’t Everything

Machines can save you time and in that way they save you money. The combination of AI and Automation when scanning the surface, deep and dark web allows your security team to have more eyes on more data sources. This is vitally important especially today when cyber skills are scarce and data growth so overwhelming. This combination helps prevent analysts from being utterly swamped by endless admin work and allows them to deliver true value to their role.

That being said. Machines can only do so much by themselves (at least for the foreseeable future. People remain fundamentally better at understanding insights from potentially vague context and who are able to deliver an effective response.

Acting fast as we have already mentioned is incredibly important. But just throwing machine learning at the threat intelligence problem isn’t nearly enough. The perfect blend combines rapid and large-scale initial gathering and analysis by machines that then hand-off to their human team-mates to apply strategic intellect while the data is still fresh.

Security professionals have to think how cybercriminals think: machines (e.g. botnets) to do the heavy lifting and a sprinkling of human intervention to execute as successfully as possible.

Injecting Human Intelligence into Automated Threat intelligence

The key to superior threat intelligence accuracy and timing is to leverage automation whilst simultaneously injecting human expertise. You don’t want to be wasting your human resources by making skilled data security analysts wade through piles of admin. Nor do you want those analysts to miss potential anomalous data because your automated system disregarded a seemingly meaningless information package which later turned out to be a viable threat. 

Signal allows you to create filtered searches using Boolean logic scanning your chosen data sources and understanding potential location information. These searches can additionally be run through our emotional analysis tool Spotlight. 

There is one more problem though. Getting the balance of human and automation right is essential if you want to derive an effective threat intelligence system at a competitive cost.

To solve this problem we have launched our Sapphire program. Sapphire is an optional bolt-on which enables Signal customers to leverage our skilled in-house data analysts to further refine their results allowing their in-house security personnel to spend time on delivering real value.

Final Words

As can be seen from the description above, Signal is not an “AI application” in the commonly understood way. Instead, it’s a system where we use AI techniques and automation in multiple places to create a tool which in the right hands creates an extremely capable intelligence solution.

Even though machines and software will continue to evolve with dazzling speed, the complexity of threat analysis means there will be plenty of challenging opportunities for human analysts for a very, very long time.

Communication and technology companies form an integral part of the daily activities of many individuals, companies, and governments. This sector forms a foundation of critical infrastructure which is in part what makes it such an appealing target for cybercriminals.

A successful cyberattack on a company in this sector could see vital services for hundreds of thousands if not millions disrupted. A severed internet connection could see businesses crippled and potentially shut down entire governments.

Remaining aware of the litany of evolving threats that could be and are currently being perpetrated against communications and technology companies is a priority if they want to have any hope of defending themselves against cyber or physical threats. 

Telecom operators are adept at protecting their networks, additionally, with the telecom infrastructure being the primary transport for most attacks it’s also true that cybercriminals also have to rely on this infrastructure. This limits the adversaries who directly attack telecom infrastructure largely to anti-establishment hackers.

However, today, telecom organisations are recasting themselves as technology companies - which is why this article encompasses both. For instance, they are creating mobile applications for use of VoIP calls and storing data on cloud services. The lines between technology and communications companies become even more blurred with large tech companies owning parts of the infrastructure as well as those tech companies which have crossed over into the realms of communications. Apple, Facebook, and Google being the most obvious examples.

This cross-over between communications and technology creates new risk frontiers for both communication and technology companies. 

“One mounting technology concern is Internet route hijacking, also known as IP hijacking, an exploit in which adversaries corrupt Internet routing tables to ‘hijack’ packets of data. Possible solutions include the implementation of secure Border Gateway Protocol (BGP), a technology that can be used globally. However, secure BGP standards haven’t been consistently adopted, and that’s not likely to happen without government incentives.”

Source

In addition to the growing number of cyber threats, it’s also necessary to consider threats against executives as well as supply chain vulnerabilities which might be exploited. The fact that many of large organisations operate internationally, where materials and equipment manufactured in various different parts of the world is the final part of an ever-evolving ecosystem of threats.

Threats Facing Technology and Communications Companies

Today’s cybercriminals are evolving and adapting fast, discovering and creating new vulnerabilities to exploit constantly. Addressing these threats requires telecommunications and technology companies to have access to up-to-the-minute knowledge and information about threats and vulnerabilities for a vast array of potential attack vectors. 

We can divide the main threats facing the communication and technologies industries into two interrelated categories: 

• Threats targeting companies directly. 

These include DDoS attacks, targeted attacks (APT campaigns), network device vulnerabilities and human-related threats like insider access, social engineering and the risk of allowing third parties to access information. 

• Threats targeting subscribers of services.

Particularly the customers of cellular service providers (CSPs) and Internet service providers (ISPs). These include malware for mobile devices, subscriber data harvesting, end-user device vulnerabilities, and more.

Mobility and the Cloud

Another key issue for these industries is the proliferation of smartphones and internet-capable devices. Despite this being a pressing concern it has been found that technology and communications companies have done little to deploy security measurements with only around 45% of organisations having a mobile device security strategy in place.

As the use of mobile devices increases so does the use of cloud computing services. The cloud has been around in its modern context since at least 2006 however, it is becoming increasingly used by modern organisations with some today 50% of operators currently using some sort of cloud service.

The use of the cloud opens up new business growth avenues and increasingly optimises workflows allowing individuals to work and manage their data from anywhere on any device. However, it simultaneously creates new attack vectors which are compounded by the use of mobile devices. 

Whilst organisations share increasingly more data with third parties, vendors, partners, and customers it has been found that a striking lack of security practices exists for IoT and cloud-enabled devices. 

• 67% had an IoT security strategy.

• 34% had policies for secure collection, retention and destruction of new data.

• 36% had implemented uniform cybersecurity policies across all IoT devices and systems.

Source: The Global State of Information Security Survey 

How Communications and Technology Companies are Improving Cybersecurity 

Security is everybody’s business. Any member of staff might be exploited as a weakness. In a 2018 survey it was determined that 30% of security incidents were attributed to an employee compared to 23% attributed to an external hacker and 19% attributed to third party vendors. Employees could become threats in a variety of ways, accidentally or maliciously. 

For example, they could be personally hacked and extorted for access to protected data. Or they could be a victim of a phishing attack unwittingly installing malware on company devices allowing hacklers to steal packages of data. Or, it could be a location or particular executive that is physically targeted for an attack. The variety of dynamic threats means that it’s not just security teams that need be involved in and informed about threats.

One trend that is true across industries including telecom and technology companies is an increased budget for cybersecurity and threat intelligence.

“It’s predicted that global spending on cybersecurity products and services will exceed $1 trillion cumulatively over the five-year period from 2017 to 2021.”

Source: 2018 Cyber Security Market Report

Another measure is an increasing focus on intelligence. Threat intelligence using tools like Signal allows organisations to efficiently obtain hyper-relevant data in real-time.

How is Signal being used today to protect organisations?

• Company data is discovered for sale on the dark web.

• Threats to an office location are found in online discussion forums.

• Signal discovers an employee sharing sensitive company information online.

We now offer a focused Cyber Security product, LERTR.

Final Words

Today, information security is an advanced discipline that requires the correct technology and processes paired with a skillset based on counterintelligence techniques and supported by top executives. As technology evolves new threats will inevitably appear along with a raft of new challenges. 

For companies to mitigate the risks presented by an evolving threat landscape core practices such as employee security training need to be reassessed and continuously updated based on the newest information. The convergence of mobile technology, cloud services and social networking have multiplied risks - and many operators have yet to address many of these increased vulnerabilities. 

These factors call for a new approach to security, one that’s driven by the knowledge of threats, assets, and adversaries. One in which security incidents are seen as a critical business risk that may not always be preventable, but can be managed to acceptable levels.

All organisations want to keep their employees safe, this goes across the supply chain and up to top executives. Whether they’re protecting them from the likes of terrorism, upset customers, natural disasters or road accidents, these risks are heightened when employees and especially executives travel.

Whilst threats to travel security are not limited to highly unlikely events, many serious threats like the sudden eruption of a volcano, or terrorist are, thankfully, things that most travellers never have to worry about. However, if COVID-19 has shown us anything it’s that no matter how unlikely a situation may be, they are still a possibility and could escalate incredibly quickly.

Businesses have over the last years begun realising the importance of reducing travel risks especially for executives where the potential of risk is increased and the potential cost heightened. In a 2017 study by Business Travel News of 229 travel buyers and managers and corporate safety and security managers, it was found that “65% said their companies' attention to traveller safety and travel risk management has increased over the past three years.” Ignoring the risks that travel holds could be an expensive mistake.

4 Essentials to Consider for a Effective Travel Security

1. Reliable Intelligence 

2. Education

3. Briefings

4. Planned Response

Reliable Risk Intelligence

Situations can change rapidly and relevant timely intelligence in an evolving situation is vital if an accurate risk assessment is to be provided. 

Without an accurate risk assessment and a detailed understanding of the potential local risks, a security team cannot make a properly balanced decision regarding operation security. It is incredibly important then, not just for teams to perform risk assessments before travel but to continually monitor local situations so that should things change the security team can react accordingly and take appropriate actions.

For example, as COVID-19 was evolving into a global pandemic security teams needed reliable information from trustworthy sources to allow them to properly understand the potential risks it posed as well as to navigate through the plethora of misinformation being spread. Teams using Signal OSINT were able to get this information and take preventative actions, putting secondary measures into place should the situation evolve. In this particular example, extreme action was needed. The security teams first suspended all executive travel to badly affected areas and as the situation evolved into a more serious global crisis they evacuated executives and employees who were overseas, before entirely suspending further business travel.

Without the proper information, the best course of action cannot be pursued. Situations change rapidly and timely intelligence will provide detail on current and future anticipated threats. 

Staff Education

As part of an effective travel security program staff need to be aware of the potential dangers and have the tools and knowledge to minimise and mitigate personal travel risks. Risk can be dramatically reduced with good basic personal security methodology which is often the most cost-effective and efficient way to improve the safety of employees abroad.

Part of this education must be an ongoing effort to share with the relevant parties this real-time information from data sources gathered through tools such as Signal.

Debrief

With properly trained staff, the individuals travelling should be aware of the environment, threats and risks that they are entering. On top of this, as we mentioned above this information sharing should not stop at the briefing, but as the threats evolve the relevant individual needs to be kept up to date so that they can change their behaviour if necessary.

A Planned Response

The fourth aspect of an effective travel risk management plan is having planning a response to all possible crises. In certain locations, some aspects and threats are more prevalent. 

For example, emergency services might be lacking or public transport might be more dangerous. In these cases, proper plans need to be put in place. For the latter, you might arrange a rental car for your executive, or a driver, if the road laws are known to be difficult. These preventative actions remove several potential threats which would be far more costly for the business than the cost of something like a driver.

There must be a pre-identified and rehearsed service in place to ensure an effective and timely response to an emergency.

Three main parts to an effective response include:

1. Prevention – The best security avoids or prevents threats from becoming risks. A good benchmark is to be able to identify the exact location of your employees and be able to effectively communicate with them within 15-20 minutes of an incident occurring.

2. Crisis Management –  If a crisis does happen, the first thing you need is an effective communications channel. Through this, you need to be able to quickly implement plans and processes to manage the evolving crises.

3. Evacuation or Hibernation Plans – If a situation escalates beyond a certain point it may be that security teams need to implement and evacuation or hibernation plan. Which will either have the executive returned home, or hibernate in-situ until the situation changes. An example of a necessary evacuation plan being implemented would be in response to the Corona Virus. With only a little warning it became apparent to those organisations who had teams or individuals in Wuhan China that they needed to get them out of their fast. This situation then escalated rapidly to become a global crises.

Challenges

Travel security and executive protection comes with a number of challenges. It doesn’t look good to put a large amount of money into executive protection, however, there needs to be a balance to avoid potential risks. If an executive is attacked, or involved in an accident whilst abroad then shareholder value may drop, potentially for days, and sometimes the pressure in these scenarios can have negative effects long after the incident.

A situation can change rapidly, requiring a different response even as soon as hours later., which is why having real time intel of an event is so crucial. With the right systems in place and the right tools in the security teams toolbox, threats can be identified, monitored, and effective preventative measures and contingency plans put in place. All of this acts to protect both the individuals and the company involved.

The Role of OSINT in Managing Executive Safety During Travel

The modern workforce is more decentralized than ever. As employees travel or work remotely, it is important to know about potential issues that could impact their safety and security. Signal can assist with early warnings of:

• natural disasters in or near destinations;

• potential travel disruptions;

• terror attacks;

• security threats;

• political or economic indicators.

Signal Open Source Intelligence software allows you to gather real-time data. More importantly Signal allows users to tailor their feeds to get customised data relevant to their particular situation.  Which means instead of having to monitor every part of the web manually you can instead get customised filtered alerts. 

On top of this, Signal risk intelligence software enables users to monitor the surface, deep, and dark web. Many dark web forums don’t allow strangers to access their sites and require authenticated logins which makes it even harder to gain access on to these sites and monitor potential risks that occur in these places which security teams need to be aware of such as data breaches, threats of physical attacks and terrorism.

Learn more about how Signal can improve your executive protection…

Corona Virus has for many been a rude awakening. Companies have been left scrabbling in an attempt to put in place contingency plans and deal with the spread of misinformation, all whilst facing tumbling share prices.

COVID-19 is the most recent global incident, it’s not the first and it won’t be the last, however, it has thrown into harsh light the realities and weaknesses that surround many organisations international structure. Our increasing levels of globalization throw local isolationist policies out the window and if a company wishes to maintain economic growth changes in the way that they manage their response to global incidents is needed. 

In the wake of a global incident, corporations need fact-based reliable information from official sources and they need it fast. The smart adoption of technology can help facilitate the means for companies to protect their teams and assets as well as mitigate potential damages to the business.

Dealing with Misinformation: Disruption is the new normal.

The rapid spread of news and information online has sparked a recent increase in global headlines highlighting critical outbreaks. International concerns can cause loud and distracting noise when trying to identify specific data.

On top of this, panic has followed in the wake of COVID-19, stocks have plummeted to levels that haven’t been seen since 2008, people are rushing to stores to stock up on necessities. This panic has been spread and amplified by both a lack of preparation for a global crisis of this nature, as well as an amount of misinformation spread rapidly through both social media and even through more trustworthy news sources. 

To tackle this, the first thing any organisation needs is accurate, relevant and trustworthy information. You don’t want to be relying on secondary, potentially egregious sources, not only because it will take longer to uncover news forcing, but you also won’t know how reliable that information is. Sad as it may be to admit, many media outlets aim to sell news, and facts aren’t necessarily lucrative, spectacle sells. 

Using an open-source intelligence (OSINT) software like Signal you can create a custom real-time stream from official sources such as the World Health Organisation, or the CDC to get reliable information and updates fast. Easily sift through unwanted information to detect only the most valuable in an outbreak.

Better situational awareness for a more efficient response

Increased situational awareness allows companies to proactively respond to crises. It allows them to get accurate information first, and create actionable and effective strategies based on reliable data to efficiently counter emerging threats.

As well as having multiple sources, companies can use OSINT tools to identify trustworthy and “official” statements and sources and tailor their live stream searches around those. This is often where the news breaks first and will give an unbiased account of the facts.

Examples of responses to COVID-19 can be seen from several large companies including Facebook and Amazon. In areas where there are outbreaks, such as Seattle, they have closed down offices and asked employees to work from home. They have also both cancelled  conferences which would have drawn thousands of people together with potentially disastrous results - instead they are looking at creating a virtual experience instead. This is just one example, of how companies, armed with accurate information can then use available technology to facilitate preventative measures mitigating the threat of the outbreak.

How OSINT software can help

Improve employee safety

Knowing how to respond and then implementing an effective response without causing further panic or further spreading misinformation allows organisations to effectively protect their staff in and outside of the office. 

For example, knowing how COVID-19 is spread as well as understanding the the severity and location of the outbreaks means you can form effective localised preventative measures without causing undue widespread panic or unnecessarily harming your business.

Better executive protection

Executives travel, and travel entails risk especially with an evolving international crisis of this nature. In this scenario, for example, it would be sensible to protect these executives by taking simple precautions such as delaying trips to areas with severe outbreaks such as China or Italy.

In line with current government recommendations all employees should be practicing social distancing and where possible managing meetings with video conferencing technology. Adapting in the face of an emerging threat such as COVID-19 allows companies to reduce the risks that they face and better protect their staff from exposure. 

Supply chain management

Those businesses that are built on the foundations of large and complex international supply chains have to question their structure and practices. What is the backup plan? How do you mitigate the threat to a potentially compromised supply chain? And perhaps, more importantly, how do you protect those staff and assets that are involved? 

First, you need actionable and accurate information in real time allowing you to fully understand potential risks and issues and only then can you form an effective plan of action.

Summary : The Importance of Accurate Real Time Data

Coronavirus is the only the latest example of a disruptive global crisis and it won’t be the last.

Due to the rise of unofficial media sources which can easily disseminate news through the internet, especially social media platforms, there is a lot of potentially unreliable information being consumed. Fact-checking can be immensely time-consuming and many people don’t bother, which is how false information propagates. As an organisation though this misinformation can be as harmful or even more harmful than the reality. Getting ahead of and tackling false news becomes an important task.

In terms of dealing with a global crisis such as COVID-19, think about spreading fact-checked sources through internal communications to allay fears spread through potentially incorrect or misleading media. This will also show employees that you are on top of the situation encouraging trust in the organisation and your official response.

To truly and effectively mitigate the threat of global incidents, how companies utilise technology to adapt to the scenario will make a huge difference. Ask yourself: Does your business offer flexible working practices? How can your business support workers if they need to self-isolate? Do you need your executives to attend events in physical locations or can business be done virtually? And as a final consideration - a side effect of these changes - how might these adaptations become more normalised to improve employee efficiency as well as supporting a healthier work life balance?

Resources 

• https://www.who.int/

• https://www.cdc.gov/