Please enter your email below to subscribe
Recently, I had the honor to speak on the topic of ‘Command Center Best Practices’ at the Latitude conference hosted by Geofeedia in Chicago. Latitude is the only location-based social media intelligence conference currently being offered to corporate and public-sector audiences.
The event was well-attended by a broad spectrum of key stakeholders tasked with the integration of social media intelligence into their operating environments.
My panel covered a wide array of topics including the transition of the Command Center function from a security-system monitoring center to a more robust, predictive intelligence fusion center utilizing proactive incident mitigation models.
For the past couple of years, I’ve been evangelizing the concept that “The Command Center is a process and a function, not a room”. For decades, our industry has perfected “room building”, where we throw a lot of monitors up on the wall and put a lot of workstations in front of operators so they can watch over cameras, access control and intrusion alarms. This monitoring of security systems, while an important function, does not address the enterprise risks that can impact the revenue, reputation, market capitalization and shareholder value of an organization.
Repurposing this investment in technology and then layering in actionable intelligence onto all of these screens and workstations is where true ongoing value can be gained from the Command Center investment.
Social media intelligence is the newest and most compelling feed that should be a foundational layer in this process. While attending the ASIS conference in Anaheim a couple of weeks ago, I got into several discussions about predictive intelligence. Being able to forecast future events that could have a material effect on a company several days before the occurrence and being able to apply proactive mitigation strategies is a tall order. I was challenged that this wasn’t really a practical vision.
Timing was excellent for this discussion. There was a hurricane inbound to the East Coast during this conference, so I was able to focus on this use case as a real-life example:
“By looking at the feed from the weather service, you can see the projected intensity, velocity and direction of the event. You can see its projected landfall and the timing for when it may impact your facilities and the extent of damage you can expect. You can begin to plan today for what’s most likely to happen two days from now”.
This is actual predictive intelligence that works.
We’re all familiar with using weather forecasting to determine if we’re going to have a bad day at our facilities in Washington D.C. three days from now.
My point is location-based social media intelligence can also provide this function. If a nefarious group is going to make your life miserable at your Washington facilities three days from now, they are organizing this in some digital manner today.
The challenge is to mine the data around this activity in a manner that will let you know the projected intensity, velocity and direction of the event, its projected landfall and the timing for when it may impact your facilities and the extent of damage you can expect.
We’re not there yet, but the advances that are being made by technology companies in this area are gaining momentum. Waiting until this type of feed gets as consistent as the weather service is missing out on a compelling amount of actionable intelligence that can impact your operations today.
On my panel we discussed several current use cases including the posting by bad actors that they were heading to a property to set up drug distribution, an employee posting that he was getting high before going to work, miscreants posting articles they had stolen from a facility and attendees at an event seeking enough “re-Tweets” so they could cause a disruption and get their 15 minutes of fame.
While these use cases are not as severe as hitting the gold mine of finding chatter that there’s going to be a major protest in your headquarters city three days hence and your company is going to be the target, they are compelling instances where events are occurring that certainly will not be a blip on your security system radar until it is way too late to act.
This brings us back to my “process and function” remark. When you move from the objective, checklist-oriented procedures surrounding the response to a security system event to the much more subjective response of predictive intelligence feeds, you need a much more robust library of policies, procedures, business rules and protocols for your operators to be able to effectively handle the mitigation and escalation of these incidents. Tabletop exercises are also a must in this environment so your entire response team can practice their roles in a controlled environment before they have to jump into a live, dynamically-evolving threat scenario.
I spend most of my time master planning and implementing global command center initiatives, and this critical area of enterprise risk management continues to evolve on almost a daily basis. Expanding the vision of these centers along with equipping them with the functional tools and business intelligence processes to make them relevant in tomorrow’s risk environment is never dull, and I’m happy to share current success stories and best practices to keep these centers relevant in the protection of the overall value of the companies and facilities they are empowered to protect.
Matt Wharton serves as president for the Guidepost Solutions Security and Technology Consulting group and oversees its core services: cyber security, system design and project management, global command and control centers, security assessments and managed services. He is a career security professional with more than 30 years of experience leading security consulting and integration firms. Matthew can be reached at firstname.lastname@example.org.