Let’s face it — proactive security is no longer a “nice to have.” With a rapidly evolving and expanding physical threat landscape and an exponential increase in pre-incident indicators, proactive threat hunting is a necessary component of any successful corporate security program. However, with more sources of data than time to make sense of it all, it can be overwhelming to know where to start.
Building upon the information shared in The Protector’s Guide to Establishing an Intelligence Baseline, effective and sustainable protection involves getting more granular. Instead of isolated details, it’s critical to consider the holistic picture, including:
- Personalization of the communications
- The tone
- Escalating frustrations
- Indirect references to the principal
- Frequency of communications and commentary
Reconsider the Data at Your Disposal
The next step is to review your sources of intelligence data and stretch beyond the traditional ones. Having technology in place to easily share intelligence among teams is an invaluable foundation for staying ahead of threats. Canceling your next office order of sticky notes and committing to a process that revolves around a central source of information allows you to easily measure trends and identify patterns and anomalies in a threat actor’s behavior.
Ensuring this central repository, or internal library of threat data, is accurate is the key to proactively addressing threats before they amount to a more serious matter. Working off of information that is days, or even hours, old will lead to more signals slipping through the cracks and decrease a security team’s ability to take preventative measures.
Lastly, the information captured in IoT devices and hardware helps tell the full story of what is happening when integrated into a security platform. While the isolated incident of an unauthorized visitor interacting with a security team is important data to consider, it becomes that much more valuable when the time, frequency of interactions, and non-verbal behavior of the interaction are factored into the bigger picture.
A Mindset Shift — New Threat Hunting Habits
Shifting our habits and getting more creative with our threat hunting efforts will allow companies to catch more and miss fewer signals. Recognizing patterns in data is crucial to identifying pre-incident indicators before it’s too late. While it’s important to know what a threat actor is saying, knowing how often he/she is communicating and when a period of silence occurs can be game-changing.
Learn more about how to elevate your threat hunting efforts and download the complete whitepaper here: Level Up Your Threat Hunting Game: Creating Intelligence from Anomalies and Patterns.