Turning Infinite Data into Insightful Threat and Risk Strategies

How Smart Data Is Changing Risk & Threat Management

The pace of technological innovation has been astounding the world for decades. Just consider the fact that computing and processing capacity of computers hits double figures every 18 months(1). Additionally, 89% of big data has been produced within the last two years(2). It is clear; the speed at which technology advances is impressive and does not show any signs of slowing.

These innovations have revolutionized the risk and management space, providing new tools and access to vast amounts of data. This might sound like amazing progress for the industry; however, decision making is not getting easier. Why? Because while one might think that the more information available, the better, when it comes to risk and threat management, more data is not necessarily a good thing. Particularly when time is a premium and resources are not doubling or even remotely growing at the same rate as the access to information and data always circulating.

More data means more noise. Humans cannot possibly capture, sort, and analyze a seemingly infinite amount of information. The development of innovative technologies, like Artificial Intelligence (AI), Machine Learning (ML), natural language processing and generation, as well as the ability to automate routine tasks makes it possible to synthesize what seems to be an endless array of data much more effectively.

This is giving humans the time and opportunity to do what they do best, provide context and meaning to the data. The coupling of the machine’s capabilities with what humans have been doing has fostered the creation of augmented analytics

Augmented Analytics Defined

The term, augmented analytics, was coined in 2017 by three Gartner analysts in a research paper as “an approach of data analytics that employs the use of machine learning and natural language processing to automate analysis processes normally done by a specialist or data scientist.” (3)

Five years later, the augmented analytics as a technology has evolved into something much 
more powerful particularly in the way it can deliver actionable information. Now, augmented analytics incorporates machine learning and artificial intelligence, automation, data visualization, natural language generation, natural language processes, and queries.

Why does this matter? Because the benefits are incredible. Augmented analytics can deliver 
rapid insights in a way that almost anyone – not just data scientists or analysts – can interpret, enabling quicker decision making. This is crucial in many threat scenarios and beneficial even in non-threating situations as well 

What does that mean in ROI? According to a 
survey of IT leaders and software developers held in 2021, 41% of companies experienced a rise in making better data-driven decisions after using augmented analytics.(4)

In a world where humans and machines work in tandem, “the enterprise [benefits] because the speed and pace are much faster, and insights are gained in real time,” states Dan Simion, VP of AI and analytics at Capgemini.(5) Simion continues, “With decisions made faster, and without the need to hire data scientists, companies see a dramatic reduction in costs.”

Turning Data into Advantage

Parsing massive amounts of data is a full-time job. But machines are happy to work 24 hours a day, seven days a week, all year long, so they can be dedicated to capturing, sifting, and sorting information quickly.

Yet, machines do not come without shortcomings. Technology cannot always correctly sense sarcasm, or hear tone, and they certainly lack the depth or breadth of real-world experience they can use to interpret what the data means.

Technology doesn’t have the ability to sense sarcasm, hear tone, or interpret information via real-world experience.

While technology continues to approve on that front, human analysts can sense tone, emotion, innuendo, nuance, interpret information via real-world experience and more. They have built/cultivated expertise that is grounded in historical context and familiarity with culture, customs, past behaviors, etc. And when it comes to risk and threat intelligence, humans are also critical in ensuring that the computers are “taught” the many and ever-changing ways that threat actors engage with sources and social media networks.

The collection of data, and the method used for collection, must be dynamic. If it remains static, it is likely that new and emerging sources of data or intelligence will be missed. Humans simply cannot work fast enough. And machines are not always smart enough. That said, machines will get smarter largely driven by the information being fed to them by humans.

The Power of People + Machines in the World of Threat, Security and Risk

So, what does all this mean for the security, risk, strategy, intelligence or operations professionals? By fusing the combined power of humans and machines, augmented analytics ensures that risk and threat professionals have the exact intel they need, when they need it and even more importantly – potentially before they need it.

In the risk and intelligence world, augmented analytics can create current and future scenarios where critical information is captured to help organizations protect people, products, assets, and reputations. It can do this by not only quickly surfacing threat events as they happen, but even more important it can use historical information, human knowledge of places and events, trend data among a myriad of other data to forecast potential disruptions before they happen.

Dark Reading validates the power of humans + machines in the introductory line in the article, The Next Generation of Threat Detection Will Require Both Human and Machine Expertise, “There is a debate in the world of cybersecurity about whether to use human or machine expertise. However, this is a false dichotomy: Truly effective threat detection and response need both kinds of expertise working in tandem.”(6)

Companies typically see five to 10 times ROI in the first year, he said. Having data science built into solutions allows organizations to invest their resources in other strategic ways.(7)

And, in a report discussing augmented analytics, Microsoft Business Intelligence summarizes the benefits as such: By quickly and accurately analyzing data, organizations make better business decisions and formulate more effective strategies. Over time, they can drive greater growth and higher revenues (8). There is not an organization in the world that does not have this as an ultimate goal.

How Augmented Analytics Works

On-the-ground expert analysts, who have a deep understanding of the business environment, history, people, and cultures they are analyzing, help guide the data science team on the details and specifics the machines are missing. In the everyday way they are doing their jobs, the analysts and data scientists are automatically helping to train the models to better identify information moving forward. The machines return the favor by serving up details that experts are not aware of and ensure peoples’ subjective analysis and bias toward an analytical process does not come into play.

One example of this is if machines label something incorrectly, the humans overseeing the machine’s output get involved and correct the information. This serves as a feedback loop, ensuring that next time the system puts the data in the correct category. This allows humans to not only correct the information that is coming in and the errors that are made but improve future predictions. Conversely, by having the machines show the humans better information, they will be able to make better decisions. The result is symbiotic improvement coming from both directions.

This is “why humans working with machines to power enhanced decision making: instead of running through 20 routine alerts, human analysts could focus their time and energy on one or two actionable cases”(9).

In a nutshell, augmented analytics minimizes the amount of time humans spend sorting through the data and alerts and maximizes the time they spend using their on-the-ground, honed expertise to discern the best future actions to mitigate potential risks and threats.(10)

Technology is unbeatable for spotting anomalies or trends and processing information at rapid speed, but it just cannot offer the relevancy layer – what does this information mean to me? And it cannot offer the spotlight – where should I look next? What are the secondary impacts of an incident? But Human experts can provide this layer. People can provide invaluable context and interpret why we are seeing this abnormality, how significant it is for an organization, and what to do about it. This is when the power of augmented analytics, the combination of advanced technology plus the expertise of knowledgeable analysts comes to fruition – helping organizations reduce the number of crisis incidents they find themselves involved in.

Reimagining the Decision-Making Loop

The days of collecting information and analyzing data are changing. And so is the decision-making loop. Augmented analytics allows users to move to a more evolved way of decision making, increasingly shifting from reactive to proactive monitoring and analysis.

In the context of risk and security challenges, augmented analytics allows you to easily manipulate data sets to surface trends or incidents that could potentially affect your organization or its operations. Machines can automate collection, tracking, and communication of data sets. And the analysts, the ones who live and breathe complicated, complex environments, use that information to identify the nature and likelihood of impact on operations and to provide advice in real time.

This is the type of information that risk and intelligence professionals – who start each day with the mission of keeping people, assets, and products out of harm’s way – need. They work to stay ahead of the problem, not to solve the problem.

Organizations do not simply want to be alerted to protests as they happen; they want to know before they occur, along with specific predictions about the implications these probable protests might have. Machines can use historical insights with real-time data like social media chatter to make such predictions. And experienced analysts can offer nuanced insights around motivation and impact that only someone with local expertise can uncover.

Augmented analytics addresses the two biggest questions that any risk and threat intelligence team will have:

Is the information I’m receiving timely, relevant, and material in its impact?

How should this information impact my next steps and what should those next steps be?

In the past, the rule of thumb was that you can get accurate data, or you can get fast data. You cannot have both. The good news is that augmented analytics is challenging this theory

Augmented Analytics in Action: Operations

Isaac is an Operations Center Analyst that is responsible for monitoring Eastern Europe for his Global 2000 manufacturing organization as part of a larger 24×7 operations center. He knows the countries and cities across the continent that typically have been trouble spots, and so he manually reviews activities and provides new analysis about those places. For the other countries and cities where his organization has resources and equities, he sets alerts and notifications – using keywords and event types.

To stay ahead of issues, Isaac sets up notifications to look for changes in stability levels that could be a leading indicator of potential disruption. He also monitors dashboards that curate the latest data and analysis about Eastern Europe. When disruptive events happen, he provides spot reports to the organization’s leadership and business leaders in the region. But what he really wants to do is to provide his leadership teams with reports of leading indicators so they can take proactive measures.

Last week, Isaac received a notification of decreasing stability levels in Romania triggered by news reporting and internet posts about increasing gas prices that are straining citizens. Isaac begins to set up additional notifications and starts monitoring Romania daily. The following day he receives alerts with an increase in social media posts about planned protests and an analyst report is published providing context into the cause of the fuel price increase and potential for future unrest. He also finds that the analyst-derived outlook for Romania has been updated, which provides further context to the potential for social and political instability.

Instead of waiting for protests to start, Isaac creates a warning report from the data within his system and sends that to global and regional leadership teams so they can prepare for potential supply chain disruptions at their Eastern European manufacturing facilities in Romania, as well as their Bulgaria facility. Isaac continues to monitor the situation.

As the stability indicators continue to drop, new analyst reports are written and increasing news and social media about the crisis are published. Isaac begins to draft a daily report for his leadership that includes the narrative information and a set of time series charts that clearly depict a rapidly increasing amount of information related to unrest, decreasing in sentiment, and increasing fear and anger in news and social media. These reports lead his organization to change the operational status of Romania that results in a shift in personnel, no new travel to Romania, and a shift in supply chain to circumvent the areas of potential unrest.

Augmented Analytics in Action: Security

Shelby is a Security Manager at a growing organization and oversees her company’s operations in Brazil, Venezuela, Colombia, Ecuador, Chile, Nicaragua, and Mexico. She monitors hotspot areas for evolving or breaking scenarios that would directly impact the
organization’s people or assets.

Even though Shelby does not have access to much data across her region, her young organization is counting on her to establish standard operation procedures (SOPs) for cartel disruptions and civil unrest. She works hard to monitor news and social media platforms but is forced to click through many different sites to surface data. This is tedious work and unfortunately Shelby does not have time to search through individual sources for each country she covers.

Now, having implemented a solution that leverage augmented analytics, she can now more quickly and effectively get information in the time and fashion she needs.

First to stay on top of breaking issues, Shelby has scheduled daily alert notifications for any type of higher severity events occurring within a 15-mile radius of the company’s locations. For the more problematic or turbulent cities where they have operations, she sets stability and risk notifications that could both alert to and contextualize changes in the situation on the ground. As an early warning to leadership, Shelby creates weekly reports in each country she monitors and situation reports as circumstances evolve.

Through the Election Monitor Shelby knows that tax reform is anticipated in Venezuela’s upcoming election. First, Shelby receives an alert of a Pulse drop in Venezuela, because of short-term indicators and unrest-related data. Shelby also sees a hotspot in Venezuela that notifies her of an anomalous uptick in chatter related to a relevant unrest. Additionally, she notes an increase in both news and social media data as plans and calls for nationwide protests occur in Venezuela.

Through her alerted content, Shelby begins to see that groups are starting to organize, and waves of mass protests are anticipated in three major city centers where the company has operations. Shelby turns to Events AI where she monitors her saved searches that include news, social, and verified events. Alongside the Hotspot, Shelby notes there are more reports of calls to violence. Forward looking analysis tells her that people in Venezuela are planning to contest the election.

Shelby needs to generate a report for senior leadership immediately as their Duty of Care procedure indicates people should not return to the office tomorrow. She generates the bones of her report with Scribe, including analysis of Pulse and links to news and social media. She then turns to the pieces of analysis and quickly copies to fit her report. Finally, Shelby needs to ensure the locals and expats have access to safe routing information. Through Search, she pulls historical verified incident heatmaps linking where unrest occurs to areas where Events AI heatmaps of geolocated news and social on election and planned protests. She escalates her written analysis, trend analysis, and AI reporting to leadership within 30 minutes. Without augmented analytics, Shelby would never be able to provide such in-depth, informative, contextualized information.

The Future is Now

The evolution of risk and intelligence and analysis products is here. It is called Augmented Analytics and it offers insights on a scale and depth never before possible. No longer do leaders have to watch disruptions occur, reacting alongside the chaos and disorder that might change the trajectory of their organization.

The evolution of risk and intelligence and analysis products is here.

Together, humans and machines are making it possible for organizations to not just respond to incidents but avoid them entirely. And as augmented analytics continues to evolve, there will be better alignment between human predictions and machine monitoring, better bias checking and earlier, data-driven indicators from AI and ML being brought to the human analysts. This results in a more complete, and faster picture of external events to be delivered to organizations.

With the delivery of this information, leaders can have the upper hand. Instead of reacting and scrambling, they are given the gift of time and foresight. Decision-makers can think through their options, debate scenarios, and plan for all outcomes, thanks to smart data that is profoundly changing the risk and threat analysis industry.

Our website uses cookies. By agreeing, you accept the use of cookies in accordance with our cookie policy.  Continued use of our website automatically accepts our terms.

Subscribe to receive insights from Seerist.