Best Practices for Internal Threat Teams During a Crisis

internal threat analysis
October 10, 2023

The recent violence in Israel is a stark reminder of how quickly the security environment can change—often without warning—and raises the risk for a company’s safety of personnel, facilities, and operations. The war in Ukraine continues and other threats loom, which can overwhelm your threat monitoring teams or operations center. Security and intelligence teams can use best practices to keep their focus on what matters to their company and overall risk without getting bogged down by too much data and query results. Intelligence analysts need to be focused, diligent, disciplined, and forward-thinking during crisis events.

  1. Be focused on answering your company’s intelligence questions. Not every news event has an impact on your operations and some impacts may be secondary. It is crucial during times of crisis that analysts stay focused and know the threats, vulnerabilities, and risks that are important to their company. Analysts and their managers should be analyzing what impact, if any, global events will have on the company’s risk profile.
  2. Be diligent about what information and data meets threshold by informing your risk ratings. It can be tempting to want to provide daily situational reports that summarize the news. Crisis events create an influx of data and queries, but not every piece of data is useful, timely, or has an impact.
  3. Be disciplined on what is included in written products for your customers—internal or external. The news cycle during crisis events provides detailed information on every aspect of the event, most of which has little value to further understanding your company’s risk profile. Finished products, whether travel alerts, internal memo, or emails to C-suite members, should only include data that is relevant and supports analytical statements.
  4. Be forward thinking and look past the 24-hour news cycle. Crisis events require threat, security, and intelligence analysts to assess risks within a short period, but long-term impact to a company’s risk profile is equally important. Analysts should anticipate which indicators are likely to impact the company’s risk profile in the short, medium, and long term. Strategic analysis is equally as important as threat analysis during crisis events. Excellent analysis looks for tomorrow’s threats amidst today’s crises.

Security and intelligence teams may have limited personnel to tackle the extra work during a crisis event or the company may not have an internal team in place. Security managers should look to:

  • Leverage all company resources to provide actionable and timely information on the company’s risk profile.
  • Have personnel in other countries that can provide different, new sources and language capabilities.
  • Build a network of associates or vendors that can provide insight into a crisis event.

You will need analytical support to help frame the crisis and its impact on your company. If you don’t have adequate coverage today, a cadre of analysts trained by former IC analysts can provide the extra coverage you need during times of crisis without having to hire for a short-term need.Red 5 Security’s Managed Services has intelligence analysts that can supplement your existing threat and security teams.  To learn more, please contact us.

Karna McGarry, Vice President of Managed Services, Red Five Security

Subscribe for Cutting-Edge Security Insights!

Get the latest news, expert insights, and exclusive updates right in your inbox.

By clicking Sign Up you're confirming that you agree with our Terms and Conditions.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related Posts

Cyber Security

A Threat No One Can Ignore: The Threat of Ransomware Expands to Include Small and Medium Size Businesses

You likely heard about, and may have been affected by, the Colonial Pipeline Company ransomware attack in May 2021, but you probably are unaware of the ransomware attack that targeted Lincoln College later that year, forcing the institution to close in May 2022.
May 31, 2023

What are Online Romance Scams, and How Can You Recognize Them?

Romance scams continue to be a source of heartbreak and frustration. Learn how to identify and avoid scams in this blog post.
September 20, 2022

How Password Managers Work and How To Start Using One

How password managers work is contingent on the tool and the users. In this blog, learn tips to get started with one.
June 28, 2022

Let's discuss your security.

Partner with Red5 for unmatched intelligence and analysis expertise tailored to your needs.