Protective Intelligence Terminology Glossary

How would you define "insider threat"? What exactly is the difference between Executive Protection and Close Protection? Getting started in protective intelligence can be overwhelming, especially when you consider the myriad of intelligence terms, concepts and techniques that security professionals and decision makers must become proficient in to excel in their role.

To assist those digging into the complex world of physical and cyber security, we've compiled a list of common terms in this protective intelligence terminology glossary, sorted from A to Z.

A

Back to Top

Asset: Anything within an environment that should be protected, including anything used in a business process or task. It can be a computer file, network, product, device, intellectual property, reputation, etc.

B

Back to Top

Be on the Lookout (BOLO) Report: Refers to a type of report alerting protectors to a potential threat they should be aware of. The report includes the most pertinent information used to identify the person. The term “BOLO” can also be used more casually to refer to a person who security personnel are actively trying to identify.

C

Back to Top

Case Management: Processes and tools that assist security practitioners in investigating incidents by collecting and databasing all relevant information in a single location.

Corporate Security: Programs, policies, and processes designed and implemented to protect the personnel, assets and intellectual property of an organization. Corporate security programs typically are created to mitigate risks and ensure the continuity of operations.

Cybersecurity: The art of protecting networks, devices, and data from unauthorized access; the practice of ensuring the confidentiality, integrity and availability of information.

D

Back to Top

Dark Web: A subset of the deep web, with two general characteristics: one, the sites are not indexed by the major search engines; and two, they must be accessed by using special software, methodologies, and related permission layers. The Dark Web is often used by social deviants, criminals, hackers, and other outliers.

Deep Web: The remainder of the internet that has not been indexed by search engines. Generally, it is accepted that about 95% of the internet is the deep web, while about 5% of the internet is the surface web.

Due Care: Also referred to as ordinary care or reasonable care. A legal concept used as a test of liability for negligence. The degree of care that an ordinary and reasonable person or company would normally exercise over his or her own property or under circumstances like those at issue.

Due Diligence: The process of acquiring objective and reliable intelligence, generally on a person or activity within a company or corporation, prior to a specific event or decision. It is usually a systematic research effort used to gather critical facts and descriptive information about the subject that are most relevant to making an informed decision on a matter of importance.

Duty of Care: The requirement that a person or company act toward others and the public with the watchfulness, attention, caution and prudence that a reasonable person in the circumstances would use. If a person's actions do not meet this standard of care, the acts are considered negligent, and any damages resulting may be claimed in a lawsuit for negligence.

E

Back to Top

Executive Protection: Also called Close Protection (CP) or executive personal protection. Private risk mitigation programs and security measures designed to ensure the safety of individuals (principals) and their family members.
Learn more about Executive Protection

F

Back to Top

Field Observations: Information obtained by field operatives, either through direct observation of specific behaviors or areas of interest, or via interaction with a subject.

G

Back to Top

Global Security Operations Center (GSOC): Also known as a “fusion center”. A central office typically operated 24/7 where all physical security information is collected, filtered, analyzed, and disseminated to appropriate stakeholders.

I

Back to Top

Insider Threat: Threats posed by individuals who have insider information about or access to an organization’s physical or cyber assets that could cause harm to the organization, either intentionally or accidentally. An insider threat could be an employee, contractor, former employee or other knowledgeable individual with an understanding of internal assets or controls. Learn more about Insider Threat

Intelligence: The product resulting from the collection, processing, integration, analysis, evaluation and interpretation of available information.

Investigative Research: Techniques used to collect information from different sources to uncover additional details used to further an investigation.

L

Back to Top

License Plate Reader (LPR): Also referred to as License Plate Recognition. The ability of a program to identify and catalog license plates in a database. Requires hardware and software components to function. Useful when tracking BOLOs near assets.

O

Back to Top

Open Source Intelligence (OSINT): Open-Source Intelligence is publicly available information appearing in print or electronic form including radio, television, newspapers, journals, the Internet, commercial databases, and videos, graphics, and drawings.

P

Back to Top

Personally Identifiable Information (PII): Information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

Protective Intelligence: an investigative an d analytical process used by protectors to proactively identify, investigate, assess, and mitigate threats to protectees.
Learn more about Protective Intelligence

R

Back to Top

Real-Time Threat Detection: Processes and tools that provide monitoring and alerts detailing threats to an organization, most often focused on identifying and detecting emerging threats to an organization’s security and business continuity as they occur.
Learn more about Real-Time Threat Detection

Risk: The possibility or likelihood that a threat will exploit a vulnerability to cause harm to an asset. It is an assessment of probability, possibility or chance. Risk = Threat x Vulnerability.

Risk Management: The process of identifying and analyzing potential risks to an organization and creating effective strategies to mitigate, avoid, transfer, or accept each risk.

S

Back to Top

Safeguard: A security control or countermeasure taken to remove or reduce a vulnerability or protect against one or more specific threats. Safeguards are the only means by which risk is mitigated or removed. Example: installing a software patch, using protective intelligence measures, hiring security personnel, using access control, etc.

Safety Risk Management: Programs and processes designed to identify hazards that could cause a safety risk and implement effective countermeasures to mitigate those risks.

Security Intelligence: Information collected and analyzed to protect an organization against internal and external threats.

Surface Web: Parts of the internet that have been indexed/crawled by search engines such as Google, and are thus searchable via various search engines.

T

Back to Top

Threat: Any potential occurrence that may cause an undesirable or unwanted outcome for an organization or for a specific asset. Action or inaction that could cause damage, destruction, alteration, loss, or disclosure of assets or that could block access to or prevent maintenance of assets. Threats can be people, malicious programs, environmental events, human error, etc.

Threat Assessment: An objective, fact-finding process that is used to determine if a person, group, or situation poses a risk of violence to an identified or identifiable target (e.g., employee, facility, or event) - and if so, to develop and implement plans to reduce the threat and/or protect the target. The entire process is also known as “behavioral threat assessment and management” or “BTAM.” Efforts to implement plans to reduce the threat and/or protect a target - regardless of whether a threat assessment was conducted - may be referred to simply as “threat management.”
Learn more about Threat Assessment

V

Back to Top

Vulnerability: A flaw or weakness that could be exploited, exposing the organization to threats. The absence or weakness of a safeguard or countermeasure is a vulnerability. Vulnerabilities can be exploited by threat actors to cause harm to assets.

W

Back to Top

Workplace Violence: An act or threat of physical violence, harassment, intimidation, or other threatening and disruptive behaviors that occurs in the workplace.


Want to learn more about protective intelligence, safety, security and protection from some of the industry’s leading experts? Check out our Resource Library, filled with helpful tips, tricks and stories from the field.

Sign up to receive the Ontic Center for Protective Intelligence Newsletter

Thank you for signing up.