- Posted September 18, 2013 by
Glen Rock, New Jersey
This iReport is part of an assignment:
Navy Yard shooting
Why security intelligence is important?
The most recent mass shooting incident at a secure government facility; Navy Shipyard in Washington, DC at first glance appears to be a social pattern being replicated across the country at an alarming rate. Individuals who feel they need to make a statement by whatever means they can against society and if innocent people get injured and or killed in the process, the perpetrator is okay with that outcome. What I find alarming about this particular mass shooting event is what appears to have stemmed from a fragmented security ecosystem where a number of human controls appeared to break down due to the lack of security intelligence being extracted from public and private data repositories associated with the perpetrator.
This particular example is a very sad and extreme security event; but as security professionals we need to do more than just look for a breakdown in business process, we need to ensure that our security framework and security ecosystem has the proper security intelligence flowing with threat data markers that allow rapid decisions to automatically be invoked when a threat threshold has been reached. Big data allows organizations the ability to develop a security framework that drives security intelligence into the hands of critical infrastructure owners and front line security practitioners allowing these key threat protectors the ability to respond rapidly while automated processes have been executed to minimize the scope of the threat without alarming the source of the threat.
People’s actions over time can and will have a direct impact on decisions made for critical access and require a security ecosystem that looks to analyze trends and patters via threat data markers as opposed to human action. Human action when combined with security intelligence allows the threat to be confirmed, validated, and or denied by directing the source of the threat to a person, group, company, and or government agency before a tragedy can unfold.
When threat variables are raised; protective actions can occur automatically. For example, access can be temporarily disabled pending a review of the threat variables – effectively reducing any further scope of the threat source. The key factor for these threat variables to be triggered is to ensure proprietary and public data is combined together creating a repository of rich data that can be mined to increase an organizations security posture.
• Data from the Veterans Hospital visits at different facilities aggregating together could flag that fact that Aaron Alexis visiting multiple facilities for psychiatric help
• Data from background checks for gun registrations aggregating together with mental health information could flag a new threat pattern for Aaron Alexis and the potential of violence on the horizon
The two hypothetical examples referenced above are just that – hypothetical and may not have stopped the events that transpired in Naval shipyard from unfolding but the potential that it could have I believe is paramount to the discussion currently occurring around how we can prevent these horrible events from transpiring in the future. I believe data, trends, and patterns are key to predicting a potential threat occurring; which at the very core suggests the need for security intelligence analyzing big data repositories. Quoting the September 17th, 2013 CNN web article; “This guy had a badge?” Aaron Alex had a “pattern of misconduct” in the Navy, run-ins with the law, and possible mental health problems.” Three major threat variables when read in a sentence together shouts “Duh – this guy is a risk!”; so why was it missed?
Big data when properly analyzed with a threat engine can protect data, infrastructure, people, businesses, countries, and the world thereby increasing security without complicating everyday life.
The technology exists today to tie all of this data together securely – the question is when we are as a society going to demand it.