By Diana Buccella Modified April 17, 2020
In the fast-paced world of 24/7 news, information travels fast. And it travels even faster through social media where news breaks before any other source. Stakeholders now expect a quick and coherent response, and corporate security teams are now expected to be on top of situations before the general public.
To be in sync with the entire enterprise — strategically, operationally and technologically — corporate security teams need to have a strong process in place for receiving, processing and vetting incoming social media alerts.
Today, social media users number about 2.5 billion worldwide, with people sharing their experiences at any given moment. Descriptive text, photos and videos are shared instantly, and much of the information is publicly available.
This medium is shaping expectations for corporate security teams. It’s fast becoming a standard source of information for investigations in the global security operations center (GSOC) across industries and among corporate security teams, regardless of experience or size.
Social media gives security teams a 360-degree view of an emerging event posted at the source to provide an on-the-scene look at the situation. When every second counts, social media is the fastest way to gather critical information early in the investigations process.
The benefit of social media for investigations is the availability of real-time alerts, giving security teams valuable extra time to assess situations before hitting the media. But this increased speed of information puts pressure on corporate security teams to step up the pace and respond faster than ever.
To make efficient use of social media data for corporate security operations, many companies are dialing in their processes to include social media as a critical source because efficiency depends less on organizational structure and more on established processes.
Here’s look at how some GSOCs have integrated social media into their processes.
The corporate security team for a global financial services company, with a net income exceeding $3 billion, protects the company’s brand reputation along with tens of thousands of employees in more than 30 countries. This experienced team includes 75 to 100 people globally, plus contractors, and has been in place for about 20 years.
In October 2017, news of shootings at a Las Vegas music festival first broke through social media. Using a social media aggregation platform, the GSOC was alerted to trouble within minutes of the first shots being fired and more than 20 minutes before being reported on the news.
An event analysis was triggered, and a rigorous process was followed to distribute information to local sources as quickly as possible. Using maps, the team determined if any employees were traveling in the area. The team then distributed a “spot report” to top-level stakeholders, including the Las Vegas regional manager, all before the incident appeared on the news.
The spot report was critical to providing an authoritative view of the situation to eliminate the risk of misunderstandings, discrepancies and confusion. After the spot report was published, analysts did a deeper dive into the situation, providing updates as events unfolded. Finally, with the situation fully vetted, the GSOC issued an emergency notification to employees in the area.
When it comes to incident response, smaller security teams have the same scope of responsibility as large teams. A global hospitality company with thousands of properties across the globe has a security team of 25 people tasked with keeping up with the demands of a fast growing company. The team has been in place for about 10 years.
An alert from their social media aggregation platform informed the team of a bombing at the Brussels airport 10 minutes ahead of the news media. This critical lead time allowed the team to do more research to corroborate and contextualize the event.
During the research, the team sent alerts to their local property managers and their European security director. As the more details painted a clearer picture of the event, the team sent an email to key stakeholders so they could carry out their own notification procedures. This included the PR crisis team, fire and life safety team, medical personnel, and the claims and insurance team. Wide distribution keeps key stakeholders in the loop to maintain awareness and perform their own processes as necessary, supporting a coordinated response across the enterprise.
Later that morning, the same procedure was followed when a second attack occurred at a Brussels subway station.
By having strict procedures in place for vetting social media data, each of these companies was able to capitalize on early information to help ensure the safety of their employees, guests and properties.
Security teams can extend the utility of their social media intelligence beyond situational awareness. Both companies recorded the incidents in a database for future reference to help them improve their processes. Social media content also helps teams understand how information travels during common high-risk events. In addition, corporate security professionals are using historical social media data as a source of real-life scenarios for training.
Social media is here to stay and is growing. To keep pace, GSOCs are challenged to find the best tools to sift through the mountains of data for relevant insights and have a clear process in place for vetting the data. The process must clearly delineate the steps of how and when to communicate, who receives communications, and what they need to know.
Corporate security teams that are equipped with the best social media services and processes will be in the best position to respond in ways that better protect property and lives. Resolver’s powerful incident management software helps corporate security professionals dynamically triage incidents so that all the right information is captured.