The potential for a crisis is real: Companies with more than 5,000 employees have averaged one meaningful crisis a year for the past five years, according to a recent PwC study. But what if you could proactively limit the effects of a pending crisis, thanks to early warning?
Senior Security and Intelligence Analyst Tony Walsh spent more than 30 years with the Metropolitan Police force in London before moving into the private sector with senior security roles at a FTSE 250 financial services firm, and later, at the world’s largest privately-owned cruise line.
Here, he shares his advice on how companies can use real-time alerts to protect stakeholders, assets and operations during a potential crisis.
What’s important when it comes to deploying a crisis management strategy?
You first need to collectively, as a business, define what a crisis means to you. You need a benchmark in which you can measure a potential crisis scenario against. I then evaluate if the incident or event is going to have a significant effect on the business; our staff, customers or reputation. Once the tipping point is reached and a business continuity rep can’t resolve the situation locally, we escalate it.
You also need support from the top down. I think that's the most important thing. A crisis management team can bring in skills from their various backgrounds and use cutting edge technology like Dataminr, but if the programme doesn’t have buy-in from the executive committee down, it will be less effective.
Do you document your activity for governance or compliance purposes?
Everything is documented in a decision log, which will be timed and dated, including a chronological record of our actions and the measures we put in place. If we put a command and control structure in place, that will all be documented, too.
How can Dataminr be used within security operations to mitigate risk?
Dataminr provides that early indication of a potential crisis. It helps you to horizon scan by providing relevant information as soon as it hits social media platforms and other public sources. You can record specific terms attributed to events that can negatively impact your business.
Early detection is vital for businesses to stay ahead of the game, as it allows them to put structures and processes in place quickly, so they can get back to a business-as-usual state.
Did you need any specific training in order to see the full effect of Dataminr?
In the past, I’ve had help from our Client Engagement Manager to tweak the search terms that were bespoke to our use cases, but it’s an easy platform to use. We step back every now and again and assess if we’re getting too much white noise or need to adjust the radius of our geo-location. Contact with Dataminr has always been great when we’ve needed that helping hand.
Are there any instances in which Dataminr has provided you with early warning of an incident?
It’s been particularly helpful in protecting staff and premises around the world experiencing political unrest. When demonstrators move toward an office, it can affect employees getting in and out. In this case, I’d advise staff to work from home that day or stay in their hotel, depending on their location. Ultimately, you’re looking to keep the impact on your people and the business to a minimum.
I also used Dataminr to identify carjackings to and from airports in South Africa, where attackers were targeting businessmen and line crews. There was an initial Dataminr alert informing us of a carjacking outside Cape Town where we had a number of employees travelling. We were able to get context around the violence, which was steadily increasing, brief our staff of the situation and arrange the necessary measures to keep them safe.
There was also an evacuation of a London shopping centre next to an office of ours. It turned out that there was a fire at a restaurant within the complex and it would have no impact on our building, meaning no evacuation was required. I simply took a screenshot of the picture provided within the Dataminr alert and emailed it to the business continuity reps immediately.
It's often difficult to measure the return on investment (ROI) of security operations. So, in scenarios such as these, how do you ascertain value?
The process from an incident occurring to us actioning a Dataminr alert takes seconds. If we didn’t have a tool like this, we would have evacuated the London office, for example. That would have meant unnecessary downtime for the business, so the business would have lost money. That’s the ROI – we’re mitigating financial risk.
In the case of the Cape Town incident, we wouldn't have been aware of it unless we’d read the local papers, because it didn't make the news over here. But, as we had a 20-mile ring fence of Cape Town set up in Dataminr, we were alerted to it. That’s the real value when it comes to personal security. It's difficult to put a monetary figure on crisis management. You simply plan for the worst-case scenario in the hope that it doesn't happen.
And with Dataminr pulling in information from multiple data sets, it saves me an awful lot of legwork as an intelligence analyst. I don’t need to spend time and effort manually monitoring numerous websites when it can be automated. I just want to see the relevant information coming into my inbox, from which I can decide whether we need to act on it or not. Otherwise, I would never be off the social media platforms.
It would make the job a lot more difficult if we didn’t have Dataminr. I'd have to subscribe to all the platforms and search them simultaneously. So, there’s an operational efficiency there, too.
What advice would you offer to other risk professionals who are looking to use technology to improve their security operations?
The technology must form part of the overall operational structure that you're trying to introduce. If the business has an appetite to have a global security presence – and a crisis management team – then they need the tools to do it effectively. It needs buy-in from the top down.
Security professionals also need to get out into the business and demonstrate the value they bring. Be proactive and present back to the event management team; the internal audit team; business continuity reps. Show them the tools at your disposal. Once they know what you can do, and the kit you've got access to, they'll be knocking on your door. You want the business to know that, if a crisis occurs, you've got the right people in the right places with the right bit of kit.
Thanks for your insights, Tony!
To learn more about how Dataminr can help your business mitigate risk, request more information.