Intelligence Driven

Intelligence Driven

Don’t be caught by surprise in your security operations

Whether you’re a government, corporate or nonprofit organization the enemy of security operation is surprise. Surprise causes losses: losses in revenue, losses in operational agility and even loss of life. In the data age, it seems impossible that very much is unknowable, but there is a vast gap between knowable in theory and known when you need to know it. Like opportunity, security is a factor of time and place. With data, analysts can pull together a crisp picture of the security profile of a place in the time that matters, but it takes understanding how to handle the millions of data points among which that picture sits.

Too often today, most security operations are not taking advantage of the available data to drive physical and operational security. Those that have discovered the value of data analytics are primarily using single sources of information or multiple sources that are not integrated into a fulsome security awareness picture that would enable them to make smart decisions protecting life, property and operations. There are three primary inhibitors to making data driven decisions:

Volume. The shear amount of content available at once is both impressive and overwhelming. Industrial age processes that require heavy human touch are no longer a valid way to make smart decisions— there is too much data and not enough people.

Variety. Most security operation centers today are not taking advantage of the variety of content needed, and available, to make smart data driven decisions. All too often there is an overreliance on single sources of information like social media that paint only a portion of the picture.

Veracity. Deciding what data you can trust, you are comfortable making a decision with can be a job unto itself, and the answer isn’t always black and white. Information can be very useful in one context and completely useless in another.

How a chief security officer decides what is best for their operations, what data is needed and what systems are needed to analyze that data is now as important as what people to hire to execute those decisions. Whether you’re running a global, regional or local operation, the content and analytics needed to ensure the safety and security of your operations and your people has never been more critical. To meet the needs of global postindustrial businesses a modern, postindustrial security approach is needed that is driven by smart multi-variant data analytics.

A Two-Stage Plan for Data-Driven Security

Data is abundant, and taken all together, largely meaningless. What you do with it is the real value, and knowing when that data is valuable is priceless. Detailed below is a twostage plan for bringing the right data to bear on security decisions, each using the right datasets and technology to solve the specific tasks of situation discover and investigation.

Stage one is alerting. In the fast sea of data, there is a signal that can drive awareness of looming concerns, along with enough noise to overwhelm nearly any attempt to parse that signal out. In a single day, the amount of social and news media that could affect security operations of a single location is in the millions. Add to that more continuous data from IoT devices and security cameras and the problem quickly surpasses human scale solutions.

At this stage, the goal is two-fold: building systems to identify patterns that point to risks and selecting the right kinds of data to feed into those systems.

The second part is easier to tackle first. What data really matters? Plainly stated, there is an overreliance on social media right now. It is understandable that this is a natural first foray into data-driven security because the needed search and sorting tools are easy to find, but too many operations are using social media as their primary, and in some cases only, mass market data source. While incredibly important to understanding breaking events, local and regional attitude and brand management, social media is a biased data source and can skew security operations.

A system of integrated social media, news media, IoT, security and web cameras, crowd sourced data and even data from satellites such as imagery and radio frequency signal can supercharge global security operations and move you closer to an intelligence driven security operations center. Using a system or platform that automates the integration of security related content with artificial intelligence models that enable your officers to have persistent knowledge of potential threats to your operations will drive smarter decisions and save resources.

However, simply adding more data does not equal enhanced security. Analysts of all stripes, from military intelligence to business to security operations, find themselves overwhelmed with the sheer volume of data that is available. As John Coyne noted, “Sifting through that deluge of data in the required timeframes is now, more often than not, beyond the capacity of a single intelligence professional.”

This brings us back to the first part of our alerting goal. In commercial and government settings, operations get bogged down by the very data that could empower them. As with many other uses of big data, it takes well-trained machines to identify the data that matters, and fast enough to make that data useful.

Artificial intelligence (AI) and machine learning, specifically anomaly detection algorithms and risk models, enable one officer to do the work of ten by driving them to the most important content and help them look where they didn’t know to look.

Automated natural language processing and generation enable operations to instantaneously prepare reports that would take hours to days using traditional methods. These artificial intelligence algorithms are being utilized today in business intelligence processes and will also revolutionize intelligence driven security operations—speed and accuracy will drive security decisions just as speed and accuracy drive financial investment decisions.

Stage two is drill down. Red flags are vitally important, but alone, they are like a trigger without ammunition. Analysts need the tools to investigate situations these red flags point to. This is where social media is particularly unreliable on its own. For example, a dozen tweets about an earthquake in the region of a strategic asset is valuable, but those people do not share your interest in that asset. It takes multi-variant analysis to look into the wellbeing of your charge. A scan of webcams, mobile phone data or IoT data could be required to know exactly what is called for in a situation where nearly any outcome is possible.

This is less of a big data challenge and more a challenge of immediate access. How can you find the webcam view you need fastest. Here systems must be built to offer up relevant resources by place. The drill down time is entirely a factor of knowing how to find the feeds that will confirm the status of what matters to you. By mapping feeds that are locked in place and using geospatial intelligence to pinpoint movable sources, analysts can dispense with nearly everything that is irrelevant and focus their energy and time on the handful of sources that might prove useful.

The Technology is In Use Today

The tools to attack this two-stage strategy are not science fiction. AI and geospatial intelligence are both mature, if also quickly developing technologies that have found countless other uses, but are just now being applied together to address security issues.

AI can detect patterns that have gone unnoticed by experts, because they don’t have the time and resources to sift through all available data. AI is not a replacement for a trained officer but helps focus them, drives them to the more relevant information, informs them of activities that would have gone unnoticed and gives them the abilities of 10 analysts. Even better, platforms and algorithms that are able to alert to new problems as they arise, making operations centers aware of issues that otherwise would have been lost in noise should be the standard.

Geolocation is widely used today for applications as mundane as offering a coupon for a latte to people as they enter a Starbucks. In more security minded applications, geospatial intelligence was used to help find Osama bin Laden. When used together, AI and geospatial location paired with a smart plan of attack can dramatically increase the power of analysts to know the previously unknown, and in enough time to make a dramatic difference in security outcomes.

This article originally appeared in the May 2018 issue of Security Today.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3