It’s hard to believe that more than two years after most countries went into their first lockdown, the COVID-19 virus—particularly the new Omicron variants—continues to wreak havoc around the world. By this point in the pandemic, many organizations have reevaluated their crisis playbooks to devise the best strategies to protect their people, strengthen organizational resilience and maintain business continuity.
If 2021 was any indication, the pandemic is not the only challenge businesses will face in 2022 and beyond. Geopolitical conflict, extreme weather, cyber crime, supply chain disruptions and reputational risks are just some of the other high-impact events businesses need to prepare for in 2022 and the years to come.
Given that organizations now have to contend with a more diverse set of risks in a more volatile world, it’s imperative that they have the right real-time alerting and collaboration workflows to detect, investigate and respond to incidents more quickly and effectively.
Effective crisis response requires better collaboration tools
When an unexpected event emerges, there are few things more inefficient than having to scramble to come up with a response plan or locate the appropriate documents (either physical or digital) within your organization.
In such high-stress moments, business and security leaders need accessible and automated technology solutions that allow them to centralize and streamline information workflows and the decision-making process. Those capabilities become even more powerful when coupled with real-time information—which accelerates the speed at which organizations take action on high-impact events, threats and emerging risks.
While many security teams are already armed with this critical, real-time information, some find it challenging to operationalize and act on that intelligence. The key is having the collaboration tools needed to swiftly move from risk discovery to decision making.
Dataminr Pulse streamlines your team’s collaboration, response protocols and critical information flows—enabling real-time command and control as physical and cyber risks emerge and high-impact events unfold.
Dataminr Pulse: A real-world look at the power of collaboration workflows + real-time information
Dataminr Pulse combines real-time alerting with collaboration workflows to empower teams to plan for, simulate and activate rapid real-time responses to a diverse set of risks—from high-impact physical world events and cyber threats to supply chain disruptions and emerging reputational risks.
As our collaboration capabilities are built to encourage communication and transparency, they help corporate security eliminate silos and foster coordination across teams, allowing for rapid, consistent responses.
Let’s take a look at how it works before, during and after a crisis.
When there’s not an active risk
Security teams can prepare for the unexpected by analyzing past crises and building or modifying their response strategies for various scenarios. These are what we call customizable playbooks, which consist of specific actionable steps users need to take if and when an event occurs. The lists of actions can be organized by stage or by team—whichever drives collaboration and best meets organizations’ needs.
When a risk does arise
Dataminr Pulse enables security teams to operationalize real-time data by providing playbooks that correspond to an event or impact. The playbooks help teams take the guesswork out of decision making and follow the most optimized, pre-determined workflows—rather than reinventing the wheel during critical, time-sensitive situations.
Within Dataminr Pulse, intuitive features allow those responsible for managing a crisis to rapidly schedule meetings and assign and prioritize tasks for team members or guest users. Managers and collaborators can also stay on top of actions and communicate throughout the events, ensuring streamlined and efficient responses.
Take a hurricane, for example. At the onset, and as the event unfolds, Pulse delivers the earliest real-time alerts on the hurricane to inform response plans. At the same time, our geovisualization capabilities provide valuable visual context to help security teams assess the relationship between their company assets and the impact area to better understand the scope. They can use our collaboration workflows to coordinate, assign tasks and take effective actions to mitigate any potential impacts.
After the risk has been mitigated
Dataminr Pulse keeps an active, minute-by-minute audit trail detailing clear records of your teams’ actions to help you understand successes and opportunities for improvement. The log feature captures the decisions, assumptions and facts discussed during the response. You are able to see at-a-glance when each action was taken and by whom, as well as when specific decisions were made and by whom.
This lets you conduct post-incident evaluations and study the dos and don’ts, then tweak the playbooks accordingly to continually optimize the workflow for future events. As a result, you will be better positioned to face the next potential crisis.
For example, Dataminr Pulse surfaced some of the earliest alerts on the exploitation of a critical vulnerability within Apache Log4j, a store of Java-based information used to help applications run smoothly. Customers used the alerts to identify threat actor exploitation and gather critical context in real time as the situation developed.
Cyber analysts were then able to swiftly operationalize the real-time information they received to hold cross-organizational meetings, determine steps for vulnerability remediation and streamline communication to both internal and external stakeholders.
After the crisis, customers used the data recorded in the log as part of their post-event evaluations to optimize their response playbooks. Through this entire process, customers were able to effectively mitigate the impacts on their organization’s critical services and operations—all while protecting their clients’ data.
As we learned in 2021, unforeseen events and risks can cause significant disruption to business continuity and threaten the safety of employees and assets. Organizations that employ advanced collaboration workflows—and real-time alerting—will not only discover events faster than ever before but be able to more seamlessly respond to those events in the quickest and most efficient manner.