Competences enables companies to step up their security

When operating within a large financial company, it can be easy to lose sight of core data. A new role has emerged to help navigate through the potential minefields, where adopting stricter methods can lead to positive results

US army soldiers using intelligent services in combat. Military strategies can also be applied to corporate data management
US army soldiers using intelligent services in combat. Military strategies can also be applied to corporate data management 

Military strategies are methods of arranging and manoeuvring large bodies of forces during armed conflicts. There are offensive strategies, defensive strategies, and strategic or intelligence concepts. These strategies can also be applied to business management.

The management of any asset, such as materials or equipment, is absolutely critical for the health of an organisation. The same holds true for data because it represents the entire organisation. It is an important business asset, since it is the raw material used to run an organisation and produce information vital for its survival. That is why, more than ever, major companies in the financial services industry are looking to the Chief Data Officer (CDO), which is a new role for many institutions, to be the steward and champion of enterprise information management.

Data is an important business asset, since it is the raw material used to run an organisation and produce information vital for its survival

The role of the CDO
Three years ago, by appointing John Bottega as its CDO, Citigroup became the first financial institution to formally create a c-level data executive position. Bottega, who has 20 years experience managing and transforming reference data functions at Credit Suisse, Merrill Lynch and the Lehman Brothers, became responsible for planning and managing the CIB’s data strategy, policies, line functions and data investments. He is currently the CDO of the New York Federal Reserve.

According to a recent report by Capgemini, there are no less than 18 reasons why an organisation needs a CDO. Among the reasons are that financial services firms need to become information-centric enterprises, and strategic thinking and decision-making is needed on the issue of whether data should be centralised or distributed.

It has also been commonly accepted that a Data Management Organisation (DMO) is needed to support the CDO. A DMO is a group of people responsible for designing, creating and implementing data management policies, procedures, practices and processes. Its purpose is to ensure that all areas of the business consistently have the accurate and relevant information they need to do their job.

Unfortunately, most DMO’s today are company-centric – relying only on company internal data/resources – and thus remaining in that area neglecting some of the relevant datasets, which could also be easily collected from:

  • Publicly available sources; often referred to as open source intelligence (OSINT);
  • First-look impressions of a specific or isolated event by any of the organisation members, which we will call significant events (SE) for the purpose of this editorial;
  • Visual intelligence analysis.

We at Competences propose to have another look at why these alternative sources of data collection derive from military intelligence concepts, and which should seriously be considered in your DMO. Established in 2004, the headquarters of Competences are in Praia, Cape Verde, and specialises in the security sector. From global companies operating in Africa, police and paramilitary forces, customs and immigration services, special forces, intelligence, and the armed forces. We enable Fortune 500 companies and governments to reach a level of security and autonomy through our knowledge and understanding of the African continent.

Open source intelligence
Derived from public information, OSINT is tailored intelligence or data that is based on information that can be obtained legally and ethically from public sources. It includes a wide variety of information and sources, from media, social networks and web-based communities to government data, professionals and academics.

OSINT is both a force and resource multiplier. It provides a practical strategic and competitive advantage that complements the advantage provided by traditional DMO sources, it is available at a low cost, and cannot be ignored. For the financial sector, OSINT does offer three major advantages for planning and strategising.

Firstly, when encountering situations involving external factors – like for investment abroad or due-diligence investigation on a potential partner – OSINT is frequently the only discipline able to respond rapidly, and it provides the manager with a rapid orientation adequate for decision-making. It is also a means of achieving significant savings, in that many essential elements of information required by the manager can be acquired from open sources at a lower or even no cost, in less time, than from classical commercial capabilities, with the added advantages that OSINT is often more up to date, and requires no legal risk in its acquisition.

Finally, whether it precedes or follows traditional data collection, OSINT can protect company information sources and methods by serving as the foundation for data support to joint-venture initiatives where it is not possible, or desirable, to reveal capabilities and limitations to partners.

Significant event tracking
We view the SE as historical data. We believe SE give a first-look impression of a specific or isolated event. This can be an order cancellation, a default in debt re-payment, a threat of a lawsuit by a dissatisfied customer, a delay in the delivery by a supplier, or any other event a specific staff member documented and reported in real-time. In our perspective, the information contained within a single or group of SIGEV’s is not very sensitive. The events encapsulated within most SIGEV’s involve either financial loss or incident, commercial success or failure – any event which incurs a financial, social or commercial consequence for the organisation.

We feel that SE are similar to a daily journal or log that an employee may keep. They capture what happens on a particular day and time. They are created immediately after the event and are potentially updated over a period of hours until a final version is published.

Each business unit can have its own procedure for reporting and recording SE. In human resources, SE normally involve personnel issues, such as absentee information incident, or any conflicted situation involving an employee and its supervisor. The report starts at the work-group level, and goes up to the department, territory, and even up to the business unit level.

In an overseas mission configuration, a corporate delegation may observe or participate in an event, and the delegation leader may report the event as an SE to the company headquarters. The manager will then forward the report to its director. Once the director receives the report, he or she will notify the COO, conduct an action, or record the event and further report it up the chain of command to the CEO.

Once an SE is reported, it is further sent up in the company hierarchy. At each level, additional information can either be added or corrected as needed. Normally, within 24 to 48 hours, the updating and reporting of a particular SE is complete. At corporate level, the SE is finalised and published. The ultimate purpose is to collect and analyse operational data in order to provide daily operation reporting, relevant to a manager’s daily decision-making process.

Deciphering anomalies
A visual intelligence analysis environment can optimise the value of massive amounts of information collected by financial services companies. It allows analysts to quickly collate, analyse and visualise data from disparate sources, while reducing the time required discovering key information in complex data. Such environmental help determines real-world links between people, social networks, companies, organisations, websites, phrases, documents and files by:

  • Rapidly putting together disparate data into a single cohesive intelligence picture (from a wide range of data types, including telephone call records, financial transactions, computer IP logs and mobile forensics data);
  • Identifying key people, events, connections and patterns that might otherwise be missed;
  • Increasing understanding of the structure, hierarchy and method of operation in a fraudulent networks;
  • Simplifying the communication of complex data to enable timely and accurate operational decision-making;
  • Capitalising on rapid deployment that delivers productivity gains quickly using a well-established visual analysis solution.

For a while now, visual intelligence analysis methodology has been a part of the Human Terrain System, a US Army programme that embeds social scientists with combat brigades. Several investigations, including an investigation into fraud in the US Army, are reported to have used such capabilities. It is also used by several police departments to analyse social contacts and networks.

The tools that we briefly described do not resolve the fundamental issues that companies are facing today regarding their data management alone. The dysfunctional cycle of data chaos continues to grow, as the tool-technology approach fails to get data under control. Change is definitely needed. A DMO is the catalyst for this change, because it brings focus to many and processes of data management. Military strategy could be applied to provide a new perspective on your company data management approach.