As part of our intelligence offering, we monitor geopolitical events. For the creation of a crisis and continuity plan servicing a large multinational in Southeast Asia, our threat intelligence team mapped out potential events that would likely lead to its eventual activation.

We then reviewed and quantified the likely escalation of incidents relating to a range of potentially catastrophic scenarios in the region. This included various conflict and civil war risks, instability, natural disasters, and the emergence of a pandemic.

With the emergence of SARS-CoV-2 strain of coronavirus, this process proved extremely valuable. From the end of December 2019, crisis management teams were able to fully prepare for the arrival of this strain to other parts of the region.

As part of this process, we can pull imagery that is several years old to carry out a historic and/or comparative assessment, or even a day old to investigate a recent development.

An example of how we have used satellite imagery to form a comprehensive threat and risk assessment for a client was for an international corporation with sites throughout Ukraine. Many of these sites were situated near the ‘line of contact’, in the Donbas region, where an armed conflict between Ukrainian and pro-Russian forces has continued since April 2014.

Through combining relevant data and historic, as well as recent satellite imagery, our team geolocated the current line of fighting. We then assessed the intent and capability of threat actors to attack client sites and provided this to the client in a highly visual format, including the use of mapping showing attack hotspots and their sites, to aid them in understanding the threat level.

For ground-truth intelligence, we use local contacts who feed us information for a given area or topic. Our team regularly uses their own contacts or travels extensively to leverage new ones. This intelligence can then inform projects such as threat assessments in Colombia or market entry in South Africa for example.
‍
For more sensitive investigations, we utilise trusted local source handlers to speak to a wide range of individuals that may have knowledge of the topic of interest. We then covertly conduct our enquiries through trained source handlers who are unaware of the end client. Importantly, we always carefully consider the source's relationship with the client to maintain the covert nature of the enquiries.

This independent review enables investigators to cross-reference the source information with other intelligence and produce potentially new lines of enquiry that the source handler can be re-tasked with.

Pulling from the team’s expertise and experience this encompasses threats such as terrorism, organised crime, online hostile actors, conflict, and attempts to alert the client to a scenario before it has played out.

It can involve 'horizon scanning', or conducting 'bespoke intelligence requests' on the back of an incident or threat detected against a client or their industry. It also routinely includes the analysis and monitoring of geopolitical developments that could impact client operations.

By staying on top of developments and providing actionable intelligence we act as our clients' ‘rear view mirror’, and feel this approach helps them best protect their assets, locations and people.