3 Questions to Understand and Analyze Any Threat


No successful team strategizes to win without evaluating who they’re up against. The same goes for security — a program has little chance of success without logically evaluating the risks or assessing the threat(s) at hand.

Understanding the Threat

The first foundational principle of an effective security program is to understand the threat, which should be the “center of gravity” for your security program. I’m going to share the two most important questions one should ask before starting any security program.

Question 1: What is the threat you’re facing?
Question 2: Why is the threat important?

Having completed countless after-action investigations on a range of attacks, I have learned a few lessons in the course of those investigations. In essence, most successful operations carried out against a victim or entity usually boil down to three failure points:

1) failure of threat intelligence;
2) a lack of tactical analysis of the threat; and
3) vulnerabilities exploited in physical security operations by a range of threat actors.

For the last twenty years, I’ve had the pleasure to visit with many billionaires and ultra-high net worth families to discuss their security concerns and evaluate their risk profile. In an effort to understand the mindset and their desire for security, I would always open with a few standard questions:

“Why do you think that you need security?
What are the drivers for wanting a security program for you and your family?”

Interestingly, the most common fear expressed was kidnapping, either of their children or significant other. Rarely did the individual express concerns about themselves, even though many I chatted with were well-known and the public face of a successful company.

Invariably, at the end of my discussion, the Founder or CEO would ask for some quick advice and my response has always been the same, “I truly don’t know what you may need, without first understanding the holistic threat directed against you, your family, and company.”

I share this statement because a snap judgement without a comprehensive view of the threat landscape is never the path to take, even if the principal wants an immediate answer. A baseline threat assessment in protective intelligence is an opportunity to scope the threat landscape prior to committing or deploying resources.

Guided by facts and analysis

The second key ingredient is intelligence. Beyond facts, it is the analysis and application of those facts that should be your guiding principle when designing a security program. For example, upon bringing the protective intelligence model to the private sector, while I knew that it would be a perfect fit, it required applying the methodology correctly. But, change management is often hard, due to mindsets and legacy systems. Change happens when you apply data-informed intelligence to drive any program, which leads to our third question:

Question 3: How often does this threat occur?

For example, was the threat a one-time instance or is there a pattern? Are there anomalies or deviations from your baseline? This is where intelligence comes in. The data defuses the emotion around the situation and allows a focus on the application of the intelligence towards resolution of the threat.

Technology tools help with various collection sources, curation of the singular instances into intelligence and alerts to stay ahead of adverse incidents.

Key Takeaways To Understand and Analyze Any Threat

To best understand what you are guarding against and avoid a backwards build of your program, you must first ask these three questions:

Question 1: What is the threat you’re facing?
Question 2: Why is the threat important?
Question 3: How often does this threat occur?

As you design your Protective Intelligence program, seek to understand the threat or threats in your environment. Figure out who dislikes you or those assets you are guarding. Trust me when I say this, you will find people, and sometimes even nation-state actors, that are looking to cause trouble. Leveraging intelligence and data to assess whether this is an anomaly or a pattern may require investment in technology, people and processes to support scaling your protective efforts. It’s always better to know proactively and build your protective intelligence program around this.

Looking for more on the topic of “Building Your Protective Intelligence Program”?
Sign up to receive curated articles delivered to you monthly including threat assessment tools, templates, and other resources to build (or enhance) your program.