Threat Assessment: Protective Intelligence’s Missing Ingredient

By Fred Burton, Executive Director, Ontic Center for Protective Intelligence

Reflecting back on my decades of experience in the protective intelligence field, I have consistently seen programs that were lacking one key and very important ingredient: threat assessments. Even the times a program had both, they were often displaced in silos and not shared across teams or with other key players, like HR or Legal. I’ve seen this happen for a range of reasons, but primarily because there hasn’t been a tool that seamlessly integrates the two components, and not everyone recognizes the value, nor understands how to integrate the models.   

This is precisely the reason why Ontic recently acquired SIGMA Threat Management Associates.  Our collaboration brings Fortune 500, emerging enterprises, education and government organizations the ability to unify the threat assessment practice with technology, creating a single platform for managing threats, workflows and assessments. 

What is a threat assessment?

Threat assessments are foundational tools protective intelligence teams use to establish the threat posed to a specific person, company, event, location, or facility. Threat assessments are conducted to create as complete a picture as possible of the threat landscape, such as factors that could bring hostile attention to the subject, any current threats, the universe of potential threats, and threat actors, as well as the general threat environment.

By identifying, analyzing and describing the existing threat level, assessments help you understand the threat landscape and are useful tools for determining the appropriate security measures needed to protect against the identified or potential threats. Not one style fits all, therefore, security processes and procedures must also be implemented in accordance with corporate or personal risk tolerance, as well as lifestyle, corporate culture, business operations and budgetary considerations. 

It is also important to recognize that while threat assessments provide a foundational understanding of the threat, they are not static. They must be responsive, living documents that reflect changes in the potential target’s situation and environment.  In a perfect world, baseline threat assessment should be updated quarterly, with full, ground-up re-assessments annually.  

Elements of threat assessment

While these examples are specific to a person, they can also be applied to a company, event, location, or facility. Here are four key elements to consider: 

  1. Subject profile – If they are well known and have controversial business dealings or social activity they are far more likely to attract the attention of threat actors and are more easily recognized as they proceed through their normal daily activities.
  1. Documented and potential threats – Known and documented threats also play an important role. Such threats should include persons of interest (POIs) such as abnormally angry customers, disgruntled former employees, unstable individuals who have an abnormal focus of interest in the company or executive, including family members. The communications of such individuals should be monitored and curated for future reference.
  1. Physical environment – Assess the subject’s work and home environment, where the company operates, and areas that must be regularly traversed to get from home to work or are otherwise frequented. It is important to gain an understanding of the criminal, civil and natural disaster threats and vulnerabilities associated with those locations.
  1. Current security measures – This would include security training provided to the subject, a driver or a protective detail. This should also account for residential security, estate staff and physical security measures in place at the office. The security measures in place can then be weighed against the assessed threat level to determine if they are sufficient and appropriate.

Digitizing your threat assessments

The physical security industry has experienced a massive shift in the last couple of years largely fueled by new responsibilities driven by Covid health and safety and a complex threat landscape, as a result of political turmoil and social unrest.

Now more than ever, corporations need technology solutions that not only provide a comprehensive view of the threat landscape and surface critical knowledge but also guide action — specifically, the identification of threats, gathering of information, assessment, creation and implementation of plans for addressing threats.  

SIGMA’s Workplace Threat Assessment Module, integrated into the Ontic Platform, can help visualize and guide decisions around identifying incidents of concern; gather the necessary information through investigative research and interviews; assess the level and urgency of the threat; and guide the appropriate actions to manage and mitigate the threat.

To keep up with the future of protective intelligence and threat assessment, we must strip away the disparate data sources and manual processes and adopt technology that allows us to do all of this in one single pane of glass. 

Interested in learning more about the role threat assessments play in helping security teams see the complete picture of the existing risk level? Visit Ontic at Booth 933 at GSX 2021, or check out this Ontic whitepaper: The Role of Baseline Threat Assessments in Protective Intelligence.