Determining what to share is a challenge and often leaves organisations in a Catch-22 situation. With blanket sharing of data even for law enforcement purposes unacceptable, they have to decide whether there is justification for sharing information before its full relevance and context is known. This leads to a number of problems when trying to collaboratively detect risk across organisational boundaries.
For example, information and intelligence is commonly only shared when that piece of information alone implies significant risk – leaving open the possibility that a wider pattern of low level indicators is missed even if together they indicate a high level of risk.
Where indicators of risk are shared on a larger scale – often through channels such as sharing hubs – the need to manually implement controls on proportionality and justification often limits the speed at which information can be shared and cross-referenced, and the amount of intelligence developed.
And finally, the amount of low level information that must be manually triaged to meaningfully detect risk can lead to certain organisations or teams being overloaded where they have to collate, cross-reference and analyse the information coming in from partner organisations.
These challenges are generally built on an assumption that in order to fuse and analyse data, it must first be centralised and shared. However, while this is often the way that collaborative systems are built, it is not the only way that collaboration can happen across organisations.
Using knowledge-based technologies, information can be assessed and analysed to a certain level automatically, and different organisations can share and collaborate at this level of risk-relevant knowledge without sharing all of the underlying data, or needing to centralise it. This gives four key benefits over the current “centralise-fuse-analyse” model.
Firstly, it’s proportionate. Only the relevant knowledge needed to identify risk is shared, on a case by case basis, rather than all of the underlying data.
All this transforms what was previously quite a catch-all model for collaboration into a targeted one, ensuring that data is not centralised just because it comes from the right source or could be relevant. Instead, knowledge is inferred by analysing the data on a case-by-case basis, and shared because it is specifically relevant to detecting a targeted risk.
Fundamentally, combining analysis, collaboration and reasoning into a continuous and integrated process – rather than separating out stages of sharing and analysis – provides a proportionate, justified and controlled model of collaboration to detect risk at speed.