Combating threats in a digital age
In an era of considerable social and digital growth, the world’s largest community is no longer only land-based. It exists online too.
Marketing and PR have embraced the world of social media and the Internet; however, in my view, the security industry is only just starting to penetrate these channels, having fallen a little behind in this field.
The security industry collectively has made some progress towards digital resilience; however, standards are now in need of development. Investment and high level solutions are required to truly mitigate and understand imposing threats.
When we think of digital threats, we immediately think of cyber threats: ransomware, viruses and malware. Globally, companies have invested significantly in tackling these ever-growing battles. But why stop there?
From a personal perspective, I’ve dedicated my career to understanding and investigating the social aspect of online activity. Generally, I have found that organisations are wary of combating the Internet or investing their time and finances into the area, because they don’t fully understand it.
Generations of people, worldwide, have access to the Internet to communicate and socialise through social media. Therefore, a greater focus on these platforms is needed to combat potential new threats.
Open source investigation
Law enforcement agencies understand that intelligence can be gleaned through open source investigation. Though the security industry has made some headway in this arena, I have found that many organisations can do a lot more to investigate this pool of information.
Social media platforms are a primary source of communication for many, meaning there is an enormous amount of information and intelligence in the cyber sphere. People report suspicious behaviour, post images and videos of terror attacks, acid attacks and a whole host of interesting topics; they even report 101 information to the police through social channels.
So, what does open source investigation bring to the table? In the first instance, we can begin to combat the dreaded Insider Threat, providing an enhanced level of vetting for particular roles that have a heightened requirement for discretion.
It is widely understood that companies look at an applicant’s overt social media use to see if there are any obvious concerns regarding their employment. But is this enough?
Digging deeper
Many people will change their name or handle in order to mitigate potential employers identifying their social footprint. Therefore, we need to train Vetting Officers to dig deeper and identify key indicators which may suggest a potential employee may not have honest intentions.
Additionally, we can begin to understand how organisations are perceived by the public, and in particular by individuals or groups that wish to target them for attack. This is something I am currently developing in my own organisation and hope to bring to the forefront as an industry standard.
Fake news
It is true that the Internet is full of what has become known as fake news, which is often taken at face value. The recent Oxford Circus “terror attack” on Black Friday was, in fact, a brawl between two passengers on the London Underground.
Reported initially as a potential terrorist incident, panic spread like wildfire online, demonstrating the power of social media. On the busiest day in the retail calendar, it seemed a logical target for a potential attack; however, this was not the case.
This is where open source investigation comes into its own, corroborating and validating information before panic spreads.
We all know that the Internet can be a dark and grey area; you can buy weapons, or drugs and learn how to make IEDs. Potential terrorists can also connect online with other like-minded individuals.
So my question is, how do we get on the forefront of managing a potential attack instead of playing catch up?
We are developing software to give us a head start on combating social terrorists. From my experience, there’s no right or wrong way to address this issue; however, by investing in open source development, we can understand the powerful impact the online world plays in our everyday lives.
We also need to invest in the right monitoring software. No individual can sit in front of Twitter or Facebook and watch the millions of posts shared every second across the world. We must identify ways to filter information to provide valuable intelligence; blogs, websites and community pages are all examples of the vast amount of valuable public information which can be utilised for our benefit.
It is widely publicised in the press that terrorist and social activist groups target vulnerable individuals and recruit through social media and other open source avenues. Let’s address this threat head first and give our organisations the best possible chance of preventing terrorism.
J. Ross
Securitas Security Services UK