Preparedness is Key to Mitigating Severe Weather Risks

Severe weather and natural disasters— such as tropical storms, wildfires, tornadoes, earthquakes, floods, tsunamis, and hurricanes— put people and organizations across the globe at risk every year. The level of preparedness and response to these severe weather events can often mean the difference in life or death. In addition, organizations who prepare and respond quickly to weather disasters can prevent loss of revenue and other costs by maintaining continuity of operations.

Advance warning and accurate real-time data about severe weather and natural disaster threats is a critical part of your risk profile. Signal has advanced tools to enable you to stay alerted as quickly and as early as possible to severe weather threats relevant to your people, buildings, supply chain, and other assets. 

Brand reputation is also at stake during a weather emergency. Handled efficiently, it’s an opportunity for organizations to shine and prove their resilience. Handled poorly, the public is unlikely to forgive or forget the organization’s response or lack of response. Clear guidelines and properly gradated alert levels allow you to respond effectively and efficiently every time—no matter what weather emergency comes your way.

Get Notified Early About Severe Weather Threats

Every second counts when dealing with emerging severe weather risks. As our collective ability to track and predict many severe weather events due to artificial intelligence improves each year, the data comes faster, earlier, and in greater quantity. Only when this data is accurately and relevantly mined do you have more opportunities to increase preparedness and speed of response. Otherwise, the overload of information only causes noise.

Signal uses open-source intelligence to monitor what’s important to you 24/7. Customize searches and get notified via SMS and email when vital severe weather information is detected that’s relevant to your organization. Leverage advanced customizable filters to reduce irrelevant noise so that you can focus on the threats that matter to you. Quickly search for real time updates on developing situations or set up complex boolean searches to monitor severe weather incidents, and actively drive prevention. The alternative is to waste an enormous amount of time and money randomly browsing the web and other sources for weather information—usually too late. Such a haphazard approach causes big gaps in risk awareness.

Verify Information to Make Confident Decisions & Act Quickly

Misinformation can cause panic during a severe weather emergency. This misinformation can spread rapidly through both social media and even through more trustworthy news sources during emergencies. Social media posts provide updates to the public which are often helpful; however, citizen-sourced information can also lead to the spreading of falsehoods. It’s important to keep your team ahead of the news— including fake news, and even scammers trying to capitalize on the disaster. To tackle this, the first thing any organisation needs is accurate, relevant, vetted, trustworthy information. 

Signal enables organizations to monitor and manage large amounts of data from a plethora of different data sources across the surface, deep, and dark web. This, paired with advanced filters and boolean logic means that security teams are empowered to identify disinformation, discover patterns, and practically respond to these potential and evolving threats during a severe weather emergency. 

Maintain heightened situational awareness before, during, and after the event.

Increase situational awareness by corroborating and contextualizing severe weather data. Monitor supplier production facilities and transport routes, and continually assess and reassess the evolving threat landscape and update your alert level guidance accordingly. 

Customer Example

During a recent tornado, one customer used Signal to help safeguard a manufacturing facility in the U.S. when a tornado landed near the town where most of their employees were based. Luckily, there were no casualties. The customer used Signal to gain intelligence about:

• The scale of the tornado

• The impact it was going to have on their employees

• The impact it might have on their overall operation

This intelligence was extremely useful to the organization in recognizing threats being proactive. The intelligence helped them to:

• Protect lives (people)

• Protect assets (facilities)

• Maintain business continuity (resilience)

• Protect reputation (brand)

To learn more about preparing for severe weather emergencies, request a full demo

Supply chain operations can be vast and while globalisation and digital technologies are making the world a smaller place in many ways, they are simultaneously increasing the number of potential vulnerabilities that security teams and supply chain managers need to monitor. Current threats to the logistics sector range from piracy, which has been experiencing a resurgence in recent years, to terrorism, to DDoS attacks, malware or data breaches.

The range of potential threats is exacerbated by the particular vulnerabilities of the supply chain and the sheer size and scope of the operations involved. For example, around 90% of the entirety of global trade flows through only 39 bottleneck regions. An effective attack on any of these 39 traffic heavy logistics hubs would have far-reaching and knock-on consequences impacting billions of dollars worth of trade. 

One example is the Hong Kong - Shenzhen freight cluster where nearly 15% of both container and air freight traffic moves through. Additionally, there is a selection of geographic chokepoints such as the Panama Canal or the Strait of Malacca where a successful attack could effectively halt a vast amount of freight.

If this wasn’t enough digitisation has increased the number of threat vectors that logistics companies need to consider. This increase in vulnerability needs to be addressed with effective security measures such as real-time data collected through Open Source Intelligence (OSINT) software.

How Can Transport and Logistics Companies Secure their Supply Chains?

Ensuring secure passage 

One of the key concerns, and one of the oldest, that logistics and transport companies have to contend with are the tangible and physical security threats; terrorism and piracy being the obvious examples. Organisations need real-time information to carefully and continuously assess the threat level, implications, and risks surrounding these physical security concerns.

Using these analyses organisations can then determine strategies to mitigate these threats as well as determine contingency plans for worst-case scenarios. They will need to be able to adapt and respond quickly to events as risk levels change. Supply chain managers across all industries will need to take into account higher transport costs, longer travel times, and potential problems meeting schedules when alternative transport routes are used

Fundamentally these risk management strategies hinge on having all of the information available on emerging and current threats. To be able to respond in a timely fashion it is absolutely necessary for supply chain managers and security teams to have the most up to date data. Being caught unawares could have far-reaching and even devastating consequences. And in some cases, business models based on time-critical deliveries may be squeezed out of the market. 

Keeping cyber space safe 

Cyber security is a secondary consideration for many logistics and transport companies. However, it is a security concern that should be receiving increasing levels of attention as “cyber criminals are evolving their tradecraft with new innovations and increasingly automating their attacks”, according to the 2020 Global Threat Intelligence Report (GTIR) by NTT Ltd. 

You only have to look back to 2017 for a clear example of what can happen should a logistics operator be caught unaware by malware. In this scenario the shipping giant Maersk had their IT systems taken out by a vicious malware called NotPetya. With roughly one container shipping into port every 15 minutes you can imagine the logistical nightmare that ensued as the company was forced to turn to manual processes to keep things moving. It was estimated that the delayed operations, lost revenue, and the process of completely rebuilding their IT systems cost Maersk upwards of $300 million.

NotPetya, developed by the Russian military, was targeting businesses in Ukraine – but the malware quickly got out of hand. Soon it was spreading around the world, taking down networks and causing billions of dollars in damage and lost revenue. Meaning, in this scenario, Maersk was simply collateral damage.

Despite this, according to The State of Logistics Technology Report 2019 by EFT, “the logistics industry is still not seeing security as a primary part of business operations” even with clear examples of what can happen. In this report, researchers surveyed more than 500 industry professionals with questions relating to cybersecurity and found: 

• Only 35% of solutions/service providers have a Chief Information Security Officer (CISO) in place;

• Only 43% of shipping companies have a CISO;

• Only 21% of logistics companies believe they even need a CISO.

Transportation is already heavily reliant on Information Communication Technology (ICT), and virtual threats are growing in frequency and complexity. For this reason, cyber threats are an increasingly worrisome problem across multiple industries. Additionally, for transportation and logistics cyber attacks as part of an attack designed to induce physical damage is an additional attack vector of increasing commonality.

OSINT Software for a More Secure Future

Some organisations operate with hundreds of individual suppliers. Disruption to any of these suppliers anywhere along the supply chain could have costly ramifications. Maersk is just one example of this, operations weren’t returned to normal for nearly two weeks, and even with employees across the company going above and beyond to maintain operational efficiencies, losses for customers and themselves quickly climbed into the millions.

Security investments provide a payback not only in terms of loss prevention but also by enhancing supply chain performance. When it comes to security and supply chain management, it’s especially important to look at future scenarios and manage security proactively. Reacting to crisis situations is not enough. Companies have to find the right combination of preventive and reactive measures to achieve the optimal level of supply chain security. 

Executives should keep an eye on so-called wildcard events too. That means looking at the possible financial impact, the relative vulnerability of their business model and their company’s ability to react to low-probability, high-impact events. 

How Signal is Already Helping Secure Logistics Supply Chains

Signal Open Source Intelligence software allows you to gather hyper-relevant real-time data giving users a clear oversight of their often vast supply chain operations. 

This means they will have details of potential disruptions or cyber-attacks before, or as, they are happening allowing them to implement their contingency plans in a timely fashion and prevent unnecessary financial losses.

It is estimated that cybercrime will cost organization a combined amount of upwards of $6 trillion a year. Cybercriminals are getting smarter and to defend networks, predict threats, and protect staff, organizations need increased access to timely intelligence. 

Effective information security requires smarter detection techniques which is why many organizations are incorporating AI-driven solutions and products to enable their security teams. However, even with AI assistance the sheer amount of data to assess is encumbering. Signal offers a multi-faceted approach that incorporates filters using boolean logic, AI analysis, and a human hand.

Getting Actionable Insights in Real-Time

In threat intelligence having timely data means everything! Having hyper-relevant intelligence as or even before events are unfolding could mean the difference of several zero’s. By contrast, acting upon old threat insights that maybe have dated can be counter-productive, or even undermine the purpose of the intelligence.

Automation and AI tools can make all the difference when it comes to constantly collecting fresh data. A threat intelligence platform such as Signal which harnesses automation and AI tools massively expands the potential data sources and amount of data that an organisation is able to effectively and efficiently monitor. As well as enabling security teams to sift through all that data and detect anomalous and potentially dangerous activity.

Reacting fast is vital to mitigating threats, but what is even more effective is preempting potential attacks enabling security teams to take preventative measures. For example, using a dark web scan a security team might discover an exploit package for sale targeting a previously unknown vulnerability. Discovering this exploit pack allows the security team to patch the vulnerability before hackers have a chance to take advantage of it.

Automation isn’t Everything

Machines can save you time and in that way they save you money. The combination of AI and Automation when scanning the surface, deep and dark web allows your security team to have more eyes on more data sources. This is vitally important especially today when cyber skills are scarce and data growth so overwhelming. This combination helps prevent analysts from being utterly swamped by endless admin work and allows them to deliver true value to their role.

That being said. Machines can only do so much by themselves (at least for the foreseeable future. People remain fundamentally better at understanding insights from potentially vague context and who are able to deliver an effective response.

Acting fast as we have already mentioned is incredibly important. But just throwing machine learning at the threat intelligence problem isn’t nearly enough. The perfect blend combines rapid and large-scale initial gathering and analysis by machines that then hand-off to their human team-mates to apply strategic intellect while the data is still fresh.

Security professionals have to think how cybercriminals think: machines (e.g. botnets) to do the heavy lifting and a sprinkling of human intervention to execute as successfully as possible.

Injecting Human Intelligence into Automated Threat intelligence

The key to superior threat intelligence accuracy and timing is to leverage automation whilst simultaneously injecting human expertise. You don’t want to be wasting your human resources by making skilled data security analysts wade through piles of admin. Nor do you want those analysts to miss potential anomalous data because your automated system disregarded a seemingly meaningless information package which later turned out to be a viable threat. 

Signal allows you to create filtered searches using Boolean logic scanning your chosen data sources and understanding potential location information. These searches can additionally be run through our emotional analysis tool Spotlight. 

There is one more problem though. Getting the balance of human and automation right is essential if you want to derive an effective threat intelligence system at a competitive cost.

To solve this problem we have launched our Sapphire program. Sapphire is an optional bolt-on which enables Signal customers to leverage our skilled in-house data analysts to further refine their results allowing their in-house security personnel to spend time on delivering real value.

Final Words

As can be seen from the description above, Signal is not an “AI application” in the commonly understood way. Instead, it’s a system where we use AI techniques and automation in multiple places to create a tool which in the right hands creates an extremely capable intelligence solution.

Even though machines and software will continue to evolve with dazzling speed, the complexity of threat analysis means there will be plenty of challenging opportunities for human analysts for a very, very long time.

An estimated 2.94 billion people globally use social media. This is roughly a penetration of about 40% which is only expected to grow. However, in developed countries, this penetration rate is even higher. Facebook and Instagram are currently the two most used platforms, but there are numerous channels with hundreds of millions of active users daily. 

On any one of these channels, attackers might voice their intentions, spread false information concerning your organisation, or partake in more obscure but potentially equalling dangerous activities such as cyber-bullying or phishing. Because of the high number of users paired with the social nature of discussion, potential threats often emerge on these channels and forums first, even before they become a tangible risk.

On top of this, many companies have active social media presences which enable them to engage with their target audiences for positive brand growth. However, because of the saturation, companies are opened to several new vulnerabilities that come hand in hand with the opportunities that social media presents.

A fundamental challenge with social media monitoring, then, is knowing where to look and how to identify credible threats amidst overwhelming noise in a timely fashion that doesn’t require immense resources.

In this article, we explore some of the key threats that evolve and can be monitored using social media channels as well as how to overcome the fundamental difficulties surrounding effective social media monitoring.

The Challenges of Social Media Monitoring

Using social media monitoring as part of your comprehensive cybersecurity strategy has several key benefits unique to the platforms involved. However, leveraging social media for increased security and situational awareness can be a challenge and, without the right tools, it is next to impossible to effectively monitor these channels and form timely responses.

The amount of chatter on social media channels is both a boon and a curse to security professionals. People discuss everything from the inane to clearly threatening conversations and actions. All of this happens though, across dozens of social media channels. On Twitter alone, there are some 500 million tweets a day. In one study, it was found that five new profiles are created on Facebook every second - and it’s quite possible that some of those are fake or could be a threat to your business.

An example of using social media to gain increased situational awareness is the 2019 Christchurch shooting. Parts of the event were live streamed through social channels. Those security teams monitoring these channel were amongst the very first to know of the event as well as gain valuable situational awareness that allowed them to respond more effectively than without this information.

To overcome the key challenges presented by social media monitoring it is vital to employ the right tools and resources. For example, Signal OSINT platform allows you to monitor your chosen social media channels continuously and set up tailored lives streams and customised filters to help user identify potential threats from the noise of online chatter. To further refine the data gathered through the use of Signal you can run things through our sentiment analysis tool. 

Signal enables users to monitor not just social media but the surface, deep, and dark webs in their entirety forming the crux of many organisations’ security efforts.

Identifying Threats 

Intertwined in the comments, posts, pins and tweets are a multitude of information security and business risks. From targeted phishing to full-on account takeovers or even emerging threats against physical assets. As social media continues to dominate business communications, security teams must understand and address the risks posed by social media, the largest unsecured IT network on earth.

Here are a few of the key identifiable security threats associated with social media.

Targeted Phishing

Phishing attacks have been evolving over the years to incorporate and take advantage of the everyday tools that both businesses and consumers use. One such method is by using social media to gather data on targets through phishing attacks and other strategies. 

For example, is your mother’s maiden name listed on your Facebook? Where did you go to school? Did you post pictures of your first ever pet? All of this data commonly used for security questions is freely available for determined fraudsters. For those that are a little more enterprising, they might even get you to volunteer particular details disguised as a fun quiz. Phishing attacks are generally used to gain valuable data which can then be used for monetary gain. 

Social Engineering

By using social platforms criminals can build trust and through the use of deception manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. This can take on several different aspects whether it’s targeting employees to divulge information about a company or manipulating customers to share personal information that would allow them login access to their accounts for the purposes of identity fraud.

Account Takeover

An account takeover is a form of identity theft. This is when fraudsters illegally use bots to gain access to a victims account. There are several reasons this could be valuable to a hacker. For example, what they might do is launch a phishing attack from this account which will allow them to utilise the trust associated with that individual’s personal account to increase the chances of success. 

Physical Threats

Social media is a public forum where a huge number of people go to express their opinions. What this inevitably means is that both positive and negative sentiment is expressed about companies, organisations and people. Some of this sentiment holds serious reputational risks or may even evolve into a serious physical threat against an employee or asset. 

Final Words

Experienced hackers and cyber-criminals, understanding the public nature of the channels will attempt to avoid actions that expose their intentions. Social media threat monitoring in this way has its limitations, which paired with those relating to privacy protections inhibit it from being a comprehensive intelligence source.

That being said, social media, when monitored effectively can catch negative sentiment as well as expose potentially dangerous or threatening information or conversations in real time - some of which will prompt further investigation or other actions to be taken. Social media monitoring can provide critical real time information on threats increasing situational awareness, but organisations and their security teams are well-advised to not lose sight of the forest for the trees. 

The usefulness of social media monitoring is best leveraged in a holistic risk management approach, one that incorporates diverse security strategies, including a range of cyber security measures.