Necessary Symbiosis: Threat Intelligence and Physical Security
On my first day as a threat intelligence analyst at my previous job, I was given two computers and told to “go find the threats.” I thought to myself, “Sure. Where? Who? What are we concerned about?”
Always ready for a challenge, I dove in head first and then quickly learned the answers to all of my questions. During this time, the organization was heavily concerned with demonstrations that could pose a physical threat. So when I identified some information about protests that were likely to have an impact on our organization, I asked my colleague where to send it. “Physical security and executive protection,” he said. Alas, a new friendship was born! Those two teams were always grateful for any additional context I could provide on threats that could shift their priorities.
In fact, Flashpoint was a critical intelligence partner for us throughout this process. The company’s unrivaled access and intelligence expertise was apparent from the start. Therefore, I leaped at the chance to join Flashpoint to build out its Physical Security practice for Advisory Services.
I was eager to take on this new role largely due to what I had learned in my former role: how the relationship between threat intelligence and physical security and executive protection should be symbiotic. We provided those teams with contextual intelligence to help them achieve their missions of physically protecting our company and executives. While they would usually come to us seeking information about potential physical protests and threats to executives, they would often request additional details on the threat landscape surrounding the various regions in which we conducted business.
Generally speaking, the following real-world use cases demonstrate the importance of maintaining a strong connection between threat intelligence and physical security and executive protection:
• Charlottesville — Prior to the tragic activities that occurred at the planned rally, our physical security team was tracking the details, reporting to clients about potential risks, and continually monitoring the threat landscape around the event. This intelligence allowed clients in the area to prepare their employees and help achieve their No. 1 goal: employee life safety.
• In other instances, a company might have an executive who is traveling abroad for business and is concerned about regional risks. Aligned threat intelligence and executive protection teams can provide an Executive Travel Risk Report to specifically help guide the executive during travel and minimize risk.
• Finally, I want to look at one industry in particular: oil and gas. These organizations have assets dispersed around the world, some of which can be found in regions prone to jihadist activity. During a physical security review, it’s likely an executive will request an assessment of all assets that could potentially be impacted by terrorist activity. This specific scenario requires a mix of threat intelligence, jihadist, and physical security expertise.
Even for organizations that have yet to establish independent physical security or executive protection functions, Flashpoint has developed a Physical Security Blueprint that provides step-by-step guidance on how to create, or elevate, your physical security and executive protection programs.
In the world we’re in today, cyber activity and physical activity are becoming increasingly intertwined. Physical security programs need to be able to address a wider range of threats, such as those pertaining to nation states, sectors, militia and terrorism, and specifically jihadist expertise. Indeed, programs that apply intelligence to the full spectrum of functions and assets across an organization can more effectively protect intellectual property, physical holdings, employees, and executives alike.
Sure, you could try to get by with a couple of computers, good instinct, and some info thrown to other departments. Or you can create a program that helps diminish physical risk.