How to Improve Workforce Safety & Corporate Security: Fusing Risk and Location

Table of Contents
    Restrata Team
    Restrata Team

    Fusing risk and converging location โ€“ what are we actually talking about?

    Essentially, this means combining the crucial information required to understand what’s happening in our operating environment and the potential risks to our people and assets.  

    As organisations, we operate in diverse environments with varying sizes, footprints, and operational nuances. The challenge lies in understanding the full layout of our business and then grasping the impacts of global events on our assets, people, and operations. 

    Think of it like a game of “Where’s Wally?” โ€” but instead of searching for a striped shirt, we’re locating our dispersed workforce amidst potential risks and incidents. It’s a common struggle for security teams โ€” piecing together scattered data to gauge our exposure and decide on necessary actions as fast as possible. 

    Navigating the Challenges

    Today’s operational landscape presents numerous challenges, from geopolitical tensions to disruptions caused by climate change and world events. The world is not getting any safer. We’re dealing with all the headline events: Ongoing situations in Russia, Ukraine, Gaza, Israel, Iran, the wider Middle East. Houthi activity in the Red Sea and the implications on supply chain. We’ve got escalatory behaviour by the Chinese around the Kinmen Islands, China, Taiwan… The list goes on. 

    And while technology has made gathering information easier in many ways, it has also led to digital barriers that hinder smooth communication and can hamper incident and crisis response.  

    Organisations typically tackle this challenge in three ways:

    1. Individual Systems: Separate platforms that serve specific functions (HR data, travel-tracking, GPS, etc.) but these systems are fragmented and require cross-referencing against multiple sources for a complete picture. 
    2. Legacy Providers: Attempts to integrate data that often rely on outdated technology. These are generally delivered by an amalgamation of different systems that have been developed through acquisition, and not unified from the ground up. So the systems aren’t necessarily talking to each other very well – limiting compatibility and data accessibility. 
    3. No Systems: Typically, you’ll see this more in the SMEs. You don’t really have any systems in place at all. You’re dealing with, simply put, organisational chaos and your strategy is based on โ€œnothing has happened to us so farโ€ โ€“ in a word, luck. 

    The Path Forward

    To address these challenges, we need to understand our operating environment thoroughly. Traditional threat intelligence sources and open-source information offer valuable insights, but accessing and combining this data can be cumbersome due to closed ecosystems and fragmented sources. 

    Within standard threat intelligence providers and open-source information, you can segment these into four broad categories:  

    1. Travel Assistance Providers. These providers usually push out security alerts as well as medical advice.  
    1. Strategic Geopolitical Risk Advisors. There are the likes of Dragonfly, Sibylline, and others in that space who provide very good but high-level strategic content, often forward-looking assessments.  
    1. Tactical Providers. It’s not real time, but it’s going to be timely, confirmed with some assessment of whatโ€™s going on, typically with suggested immediate actions.  
    1. Operational Real-Time Providers. Usually just a simple headline type alert. Although sometimes supplemented with images, video, or live streaming from social media sources to help your understanding. But in essence drawing your attention to the fact somethingโ€™s gone bang in an area youโ€™ve deemed of interest.  

    The problem is, these are all closed ecosystems.  

    While you might be able to plot your physical assets within one of these platforms, and in some cases you might be able to bring in some people data, you can’t bring in any other third-party threat intelligence providers data into the system.  

    So, you then still end up looking at two, three, four different systems, and you also consume the information differently. Some of it will be an email alert, some may be delivered via an app, while others might need to be accessed via a web portal – which all makes it more difficult to understand what’s going on. It’s doable. The information’s there – but it’s clunky, time-consuming, and fragmented.  

    The solution lies in integrating these disparate sources into a unified operating dashboard. 

    By consolidating information from various providers and internal systems, we can create a single pane of glass. Providing a comprehensive understanding of our operational landscape, and thereby enabling security teams to assess threats more rapidly and formulate effective response strategies. This is what we mean by fusing risk. 

    Fusing Risk with Location Convergence

    Now, how do we understand the potential impact on our people? 

    Typically, we look at people and their location through itinerary-based travel tracking and GPS. But there are other data sources that have not been exploited, and they already exist in companies. Things like HR data and access control systems can give us valuable insights into our workforces whereabouts and exposure. Then you’ve also got custom data like Uber for Business, for example. It’s very easy to integrate, and you can then start to see who’s on the ground in more granular detail. You can use vehicle tracking. You could use calendar integrations, if somebody booked to be somewhere at a particular time at a particular day. You can start to bring in financial records, to identify if somebody used the company credit card somewhere. There are all sorts of data that can be used. 

    But the challenge is that, in most organisations, it is very hard to try and figure out who’s got access to these pieces of information and then bring them all together. When corporate security, crisis management, and business continuity teams need to understand exposure to an event, they need to have access to all of this information, and quickly.  

    Now you might be thinking about the risk of information overload here. But that’s where the secret sauce comes in, because this is not just opening the tap and saying, ‘Right, there you go. Have at it. Here’s access to the HR feed or here’s access to the access control system.’ There is a hierarchy in data.  

    1. Tracked data: App-based GPS tracking data, verified check-ins. (If I check in right now, it’s highly accurate, at this moment, I’m in these two square meters).
    2. Captured data: Access control data, booking itinerary data. (More accurate, but the accuracy becomes less over time.)
    3. Assumed data: Travel requests, planned journeys, last known locations.
    4. Base level data: Work locations, home locations.

    When we run algorithms over this data, you can then start to see the most likely probability of where somebody is. By continuously running all of this 24/7, looking at the most likely probability of where somebody is, the system is doing the heavy lifting for the security teams to help you understand your exposure, rather than requiring manual effort to cross reference disparate sources of data.  

    Having built up a digital twin of our people exposure, we can now start to answer the million dollar question, the ‘So what?’  

    Whenever something happens, we receive an alert from our threat intelligence provider, or we see something on the news that a potentially disruptive event has occurred, the question we always ask ourselves is: ‘So what? What does this mean for us?’ 

    Once we’ve got that exposure piece mapped out a lot more accurately, weโ€™ve moved from maybe 60-70% accuracy of our people through to 95-98%. It gives us a far better view of what our exposure is globally. 

    Combining the comprehensive view of events and the common operating picture of what is happening in my operating environment, you start to more easily understand the genuine impact on your organisation.  

    I was speaking to a major tech company recently. They’ve got huge technological capability internally. They also use an external travel risk management provider. If an incident happens, they can only reasonably (not fully) account for their people, and reach out to them 35-40 minutes after they’ve received notification of an incident. Compare that to a scenario in which you can bring this data together more effectively, and that incident response can start basically the minute you receive the alert that something’s happened – because you have immediate visibility of exposure correlated with incident.  

    The Outcome

    Picture a scenario where every piece of data, from threat alerts to employee itineraries, seamlessly converge into a unified dashboardโ€”a digital representation of your operations. With this holistic view, security teams can accurately assess their exposure, promptly evaluate threats, and initiate proactive response measures. 

    Convergence, therefore, isn’t just about centralising dataโ€”it’s about empowering organisations to turn fragmented information into actionable intelligence quickly. By bridging the gap between risk and exposure, we provide security professionals with the tools to navigate today’s complex security landscape confidently and swiftly. 

    If you’d like to learn how to improve your people visibility, safety, and security, click here to book a free consultation.