Interview: The Curious Story of Qriously with Co-Founder and CEO Christopher Kahler
By Gemma JoyceMay 16
Published December 14th 2015
We recently had the pleasure of sitting down to speak to one of our expert-user clients about the role social intelligence plays in security operations.
Our conversation with Dan Skeggs, independent information security professional, covered the different ways social intelligence can be used in security operations, highlighting an emerging use case for platforms such as Brandwatch.
The use of social data in security has developed as technology has changed, and users have adapted to those changes.
“[The public are] much more open to sending out information into the public domain, without necessarily realising what the immediate and long term consequences are,” said Skeggs.
It is the fact that people are comfortable broadcasting more and more that has allowed security professionals to leverage social media as an important source of intelligence.
Dan’s use of social data has been implemented across the banking, media and retail sectors, so he has seen the integration of social data with security across a variety of different verticals.
Dan’s roles have been varied within the security industry, including both logical, such as cybersecurity and information security, and physical. Some roles have been proactive, some reactive, but all have used social data in the management of identified risks.
As Dan has worked across different industries, varied uses emerged during our conversation.
The maturity of social intelligence use in different verticals is evident. Media brands have been using social intelligence for longer, albeit not in this way, but having that base of familiarity helps them to progress to more in-depth, mature usage.
Retail is relatively new to the possibilities of social intelligence, so have only more recently leveraged the capabilities.
The finance sector has issues around compliance, security and data storage of social communication, so primarily uses social listening to inform areas of the business rather than for engagement.
What these brands have in common, however, is the integration of social data into security operations that enrich real time information and provide daily insights to improve practices and security for their customers.
“What is a risk at one minute can turn into a crisis the next, but it’s that moving picture…social data can be the most up-to-date, accurate picture or reflection of what’s happening.” – Dan Skeggs, Information Security Consultant
As this is a newer, albeit growing, use case for social data, we asked Dan if he had encountered resistance when trying to use social data in this way.
He told us that it wasn’t so much resistance, but that as senior management hadn’t considered social data as part of a security solution, a business case has to be built.
But, building those business cases has been fairly easy; by demonstrating the variety of uses and the value it brings a case can easily built, especially when compared to bespoke service that offers much the same but involve a much higher cost.
Incident management is one such area that has become enriched by this growth of information.
This involves a collaborative approach, where the security team will bring in experts from different areas of the business to form an incident management team.
Central to that response will be seeing what the public reactions are, what really matters to those affected. Social data is key to learning this.
“The first place people go to is Twitter, because that’s how people tend to vent themselves now, and very quickly.”
That information will inform your incident management strategy and planning around your internal and external communications.
Rather than releasing a predefined statement, you are able to ensure you are answering the questions that matter most to your staff and customers alike.
Social listening platforms open a two-way channel of communication with those most concerned.
Timely and targeted responses are important.
“The time to respond can have a real impact on the damage to your reputation”.
If you can take control of the situation quickly and can keep abreast of the latest updates you have a much better chance of dealing with the incident successfully.
Planning security for senior level executives or well-known individuals, Dan has seen social data used to monitor threats made against them, or simply check how the media and online world are discussing them to help assess the threat level.
This then in turn feeds into a real-time risk management strategy.
Equally, he’s been involved in listening for data leakage, where somebody has inadvertently posted on social media that person X is attending a particular event or presentation.
This data informs security plans and helps towards possible last minute changes to itinerary.
When working at an international media organization in a central London location, security of the building was an obvious concern.
Amazingly, Dan told us that the security team actually received more information about incidents surrounding the building from Twitter than they did from police.
If a protest was happening in the vicinity of the building and an evacuation plan needed to be put in place, Twitter data could provide information about where protesters were congregating, numbers and likely routes, allowing the team to plan a safer, clearer route.
“Information is everywhere, but it’s how you enrich that information for it to become intelligence. That’s the key goal.”
In every industry, cyber security has also been enhanced by the addition of social data, specifically, the amalgamation of internal and external data-sets.
By integrating social data into security operation centres, social alerts and security alerts come to life, giving the ability to correlate the information.
For example, if someone on Twitter complains that they can’t access their customer account or some loyalty points are missing, this can be cross checked with access control logs to see if a security incident has occurred.
In the past and without social data, these could have gone unnoticed. This is an important step forward.
As Dan says, “it enriches that data and it turns it into actionable intelligence rather than information”.
Finally, we asked Dan where he sees social data being applied in the future.
He stated he believes that the way people interact with social is only going to strengthen as the technology develops.
Wearable technology, for example, could provide some interesting use cases, as adoption becomes ever-more mainstream and, with increasing numbers of the public broadcasting their location, what they are buying, eating and so on.
This data will become an extremely valuable commodity. It will mean that social intelligence will have to become a bigger part of the toolset that security departments need to help protect their staff and companies going forward.
Dan predicted the increase in wearables such as fitness trackers broadcasting data publicly could lead to insurance companies using collecting this data.
Then, if a customer has said on a health insurance form that they go to the gym twice a week, but the fitness tracker broadcasts contradicts this, that information could be used to refuse claims. It is already happening with vehicle insurance claims, it’s just a matter of time before it becomes personal.
As Dan says, “when you’re broadcasting it you don’t really think about it, but all this is out there for people to collect and use, so it’s going to be an interesting, always connected world going forward.”