Category
Colleagues having discussion at computer monitor
Emergency Management Jul 21, 2022

How to Evaluate Threat Intelligence Providers & Business Solutions

There are significant differences between threat intelligence solutions that every buyer should understand before selecting a provider.

Threat Intelligence Guide
See how AlertMedia can help you protect your people and business from nearby risk, anywhere in the world.
Cover of AlertMedia Global Threat Intelligence Guide

If only we could predict the future, it would be far less difficult to plan for it.

The unpredictable nature of the modern threat landscape makes it much harder than ever before to keep your employees safe and your business running. Take cybersecurity for example. Most organizations know abstractly that cyberattacks could potentially be an issue. But do you know how to spot phishing or malware attempts? Do you understand your risk level for a ransomware attack? Do you have a plan for IT incident response?

Cyber threats are just one of the many potential hazards your business faces. Disruptive events come in various forms and can occur in minutes or over multiple years. And because there is no way—even with the best preparedness plans—for safety and security teams to prevent every threat, business leaders increasingly are thinking about organizational resilience using a different measure of success: speed of response.

Resource-2025-Threat-Outlook
2025 Threat Outlook Report
Explore the top threats that impacted organizations in 2024 and how these events will shape the workplace in 2025.
GET THE REPORT

When it comes to emergency response, speed is everything. How quickly can you identify potential threats? How quickly can you initiate a crisis communication plan? How fast is your response that ensures your people’s safety?

While there are many ways organizations can improve emergency preparedness—from updating comprehensive preparedness plans to regularly conducting tabletop exercises—the world’s most resilient organizations are constantly looking for ways to accelerate how they detect, validate, and respond to any threat to their people or business.

In this post, we’ll discuss how a modern threat intelligence and risk detection solution can help you identify threats faster—and what to look for when evaluating solution providers.

Examples of the Modern Threat Landscape

Threat intelligence, also referred to as “risk monitoring” or “risk intelligence,” broadly encompasses the practice of using available threat data sources to detect, mitigate, and respond to emerging threats and unfolding events with the potential to impact employee safety or disrupt normal business operations.

The best way to understand your organization’s specific risks is to run a threat assessment. This exercise will give you an idea of the specific risks you need to prepare for. The best approach to understanding the business impact of the disruption is to conduct a business impact analysis. This analysis prioritizes resources and determines the best approach to disaster recovery for your organization.

How effective is your risk assessment?

Understanding your organization’s current risk assessment capabilities will help you find the right risk intelligence system that fits your needs. Here’s how to tell where you stand.

Signs of LOW risk assessment

Companies with low risk assessment capabilities typically err in one of two ways.

Some companies assume too narrow of an impact. For example, if a winter storm is coming through the city of their headquarters, they may tell all the employees who work in that office to stay off the roads and not come into the office. But they may forget about how the blizzard could impact their business travelers who are coming in or flying out that day. Or they might fail to consider the impact on assets—like equipment—that need to be protected from the cold.

Other companies assume too broad of an impact. This is certainly better than the former, but it is still problematic. When a threat emerges, these companies will default to always contacting everyone—no matter which office or department they’re based in. This may seem like “playing it safe,” but the reality is that this poor internal communication practice will cause notification fatigue over time. If your employees are constantly getting alerts for risks that don’t impact them, they will become desensitized to the warnings.

Signs of HIGH risk assessment

Companies with high risk assessment capabilities have processes in place to determine the precise impact of every threat. This allows them to zero in on the specific people and assets they need to focus on. These companies avoid notification fatigue but also don’t let at-risk employees slip through the cracks.

We covered how threat intelligence helps to keep your business running on the level of cybersecurity. But organizational security requires more than just cyber threat intelligence. Here are a few examples of other threats and use cases where a modern threat intelligence product would provide actionable insights and real-time intel:

Security and facility safety incidents

Ensuring safety for your on-premises employees is a clear requirement, but threat protection also extends to any sites where workers are, including remote workers and those traveling off-site. Organizations must account for a wide range of risks that impact facility security and protection—whether they have a single office or a global multi-location business. Examples include:

  • Active shooter incidents: Tragically, active shooter scenarios remain a significant threat in the U.S. and other countries. Since 2017, there has been a 96.8% increase in these events and a huge jump in fatalities.

chart showing the increase in active shooter incidents in the US

  • Workplace fires: According to data from the National Fire Protection Association (NFPA), a fire is reported somewhere in the U.S. every 24 seconds. Of these incidents, approximately one-third of fires occur in or around structures, accounting for significant loss of life and property damages in excess of $12 billion annually.
  • Civil unrest and public demonstrations: Between 2011–2018, the global number of public demonstrations and reports of civil unrest doubled, with more than 4,700 non-violent protests and 2,200 riots reported in 2018 alone. And these incidents have only increased since the pandemic.

Health and environmental threats

From chemical spills, dangerous materials, and pollutants to the risk of infectious diseases in a given region or community, employers must continually monitor employees’ working conditions to reduce their exposure to potential hazards. Some of the most common categories of external threats organizations should monitor include:

  • Infectious diseases and outbreaks: While the COVID-19 pandemic brought into focus just how disruptive contagious diseases can be to organizations worldwide, it is just the latest example of why pandemic preparedness is essential. As employers and employees alike grow accustomed to the increased risk of airborne illnesses, the ability to rapidly spot potential outbreaks and high-risk areas will continue to grow in importance.
  • Environmental hazards: From chemical spills and dangerous materials to poor air quality, employers must continually monitor employees’ working conditions to reduce their exposure to potential hazards. The World Health Organization estimates that air pollution causes more than 7 million deaths every year worldwide—with approximately 90% of people regularly breathing air that exceeds WHO guidelines for acceptable pollutant levels. As the world’s population grows, health experts anticipate a higher risk to anyone working in locations prone to smog and other air-quality hazards.
  • Natural disasters: From earthquakes and tsunamis to volcanic activity and rapidly developing wildfires, natural disasters can create mass destruction with little notice. More than 1,300 earthquakes with a magnitude of 5 or more have occurred every year since 2000, causing upwards of $3–4 billion annually in economic losses.

Severe weather events

Severe weather poses an ongoing risk to businesses of all sizes—no matter the industry or location. And this risk is growing. Weather-related disasters have increased five-fold in the last 50 years. With a modern threat intelligence solution, business continuity, HR, IT, facility, and other leaders can quickly see when and where significant weather events are happening. For coastal businesses, threat intel may be used as part of hurricane preparedness. Similarly, companies with employees and facilities in the Great Plains may use threat intelligence to initiate emergency communications to employees about tornado warnings, high winds, or other dangerous conditions.Weather-related disasters have increased five-fold in the last 50 years.

While weather-related information is widely available from sources like the National Weather Service, the National Oceanic and Atmospheric Administration (NOAA), and countless private storm-tracking services, enterprise threat intelligence platforms take this a step further by providing a longer-term view of emerging weather, often providing several days advance warning on large storm systems. Additionally, by connecting weather information to real-time location data, these solutions can pinpoint potential risks—such as the number of impacted employees and facilities within the forecast area—so that businesses can make informed decisions about safety precautions or work shortages.

Organizational Benefits of Threat Intelligence Services

Organizations are challenged with balancing their duty of care obligations and the need to keep operations running smoothly. Considering the many hazards threatening your employees and assets at any given time, around-the-clock manual monitoring of all events would quickly overwhelm your resources.

For that reason, purpose-built security tools like threat intelligence solutions are rapidly becoming the preferred option for businesses that want to improve their safety workflows, increase situational intelligence, and accelerate their emergency response.

Here are a few key benefits of using a third-party threat intelligence solution:

Speed of intelligence

AlertMedia_CustomerSpotlight_Minnesota-Twins_HeroBanner
Case Study: The Minnesota Twins
“When we have Threat Intelligence as risks evolve, we can develop a plan to actively mitigate or even prevent potential threats. That feels like a home run," says Jeff Beahen, Senior Director of Security.
LEARN MORE

Condensing the time between detection and response is critical not only because of the significant impact on human safety but also for business continuity and protecting the bottom line. In fact, a Forrester study found that organizations that improve emergency response by 30 minutes per incident experience higher revenues. Eliminating many of the manual aspects of risk monitoring, along with a live threat intelligence feed, can drastically accelerate critical event identification, allowing you to initiate an emergency response when seconds count and make informed decisions about mitigation strategies.

Information accuracy

There is no shortage of open source intelligence data about what’s happening around the world. However, making sense of this information and verifying its accuracy are significant hurdles to taking advantage of this intel. The last thing you want is for a major event to go unnoticed—but neither do you want false positives on threats that cause undue panic. Determining the veracity of information is just as important as capturing it in the first place. By using human-vetted threat intelligence, organizations can more easily curate a data feed from thousands of distinct sources, filter out the noise, and pinpoint the most relevant information to their employees and business—all in a matter of seconds.

Faster time to action

As Russian author Fyodor Dostoevsky once said, “intelligence alone is not nearly enough when it comes to acting wisely.” This is particularly true for information that impacts an organization’s ability to protect itself from a rapidly developing threat. By integrating a modern threat intelligence solution with an emergency communication system, businesses can vastly accelerate access to actionable intelligence, ensuring stakeholders and employees are aware of critical events as quickly as possible for effective vulnerability management.

"We know at this point, it's not a question of 'if,' it's a question of 'when.' So we are really taking a hard look at how we can do things differently to help manage that chronic drumbeat that we're seeing now in disaster response." —Jennifer Pipa, VP of Disaster Programs at American Red Cross

Automatic impact assessments and alerts

Once you’ve solved for how your organization will identify threats and verify the accuracy of information, you need to know where to direct resources. A threat intelligence solution can help expedite this by providing useful threat analysis and a visual depiction of each threat’s impact radius, enabling you to prioritize assistance for individuals and locations most at risk. Some threat intelligence providers even give you direct access to experts and analysts who can talk you through active threats.

By integrating employee data from an HRIS or Active Directory, organizations can tie threat intelligence to static or dynamic locations to know exactly who is impacted—even when employees are traveling or not in their typical work environment.

Questions to Ask Potential Threat Intelligence Providers

Now that we’ve established some of the reasons why organizations might invest in a threat intelligence solution, you will want to understand the differences between various security solution providers.

When evaluating threat intelligence products, here are a few questions to ask to ensure you understand each provider’s capabilities as you assess which best suits your organization’s needs.

Questions to ask when evaluating threat intelligence providers

  • Can the provider share real-world examples of how quickly intelligence is delivered relative to other information sources?
  • Does the provider offer human-verified intelligence?
  • Does the provider offer 24/7/365 coverage?
  • Does the provider integrate with a mass notification system, HRIS, and other business systems?
  • Does the provider offer data on previous incidents to give you a historical understanding of threats?
  • Does the provider offer an API?
  • Can the provider automatically alert impacted employees concerning nearby threats?
  • Can the solution automatically calculate the impact of any threat using your people and location data?
  • Does the solution provide a way for administrators to visualize various threats by category or severity?
  • Does the solution give access to live threat analysis and/or actual analysts?

By asking these questions during your evaluation process, you’ll begin to understand how each provider approaches risk monitoring and threat detection, how easily it will integrate with your current security systems, and how quickly critical information can be disseminated to those who need it most.

Stay Ahead of Critical Events

The ability to rapidly identify, verify, and respond to threats should be a central component of every organization’s security operations and emergency preparedness planning.

A comprehensive threat intelligence solution with threat history and integrated analyst access like AlertMedia can drastically improve situational awareness, accelerate response times, and safeguard your people and business from whatever comes next.

To learn more about how AlertMedia delivers fast, accurate, and comprehensive intelligence to thousands of organizations, listen to this podcast with our VP of Global Intelligence or download our product guide.

Threat Intelligence Guide

Please complete the form below to receive this resource.

Like What You're Reading?
Subscribe to Our Newsletter
Subscribe to The Signal by AlertMedia to get updated when we publish new content and receive actionable insights on what’s working right now in emergency preparedness.

Cookies are required to play this video.

Click the blue shield icon on the bottom left of your screen to edit your cookie preferences.

Cookie Notice