The Center for Data Innovation spoke with Edoardo Camilli, chief executive officer of Hozint (“Horizon Intelligence”), an online monitoring platform based in Brussels that provides 24/7 real-time alerts on political, security, and safety threats. Edoardo discussed how Hozint’s solution uses artificial intelligence and human intelligence to support the security and continuity of business operations.
The interview has been edited.
Eline Chivot: What is the purpose of your threat intelligence platform, and what information does it provide?
Edoardo Camilli: When we created our threat intelligence platform, Horizon, we aimed at building something different from what was already available in the market. Most solutions available are focusing on “hard security” issues such as terrorism, crime, or piracy. Therefore, they tend to notify you only when the political or security situation in the country has already degenerated. At Hozint, we have decided to apply a holistic approach to security. This means that on top of security incidents, we also look at political, diplomatic and socio-economic “early warning” issues and signals that could impact the business continuity of our customers. As information is mostly retrieved from open sources such as news websites, social media, etc., the amount of data we need to process daily is enormous, having to cover topics ranging from conflict to petty crimes, from epidemics to natural disasters, from international trade agreements to diplomatic meetings. This gigantic amount of data has forced us to look at ways to simplify the work of our analysts, and of course AI was the obvious direction to look at.
Chivot: What is the added value of combining both human and artificial intelligence to make sense of all this data, and how does that help companies face their challenges?
Camilli: The way we have decided to introduce AI in our workflow has been to ask algorithms to perform those repetitive tasks that are extremely time-consuming for our analysts, hence freeing their time to perform more qualitative-based ones. Our AI is capable of identifying relevant information dealing with security, safety, or political risk issues, and it can assemble a draft report by classifying the alert by country, topics, and geolocating the event on a map. All this thanks to natural language processing. What the AI is missing is the ability to provide a qualitative impact assessment of the event, which is the outcome of several variables including the type of event—such as car bombing, protests, earthquakes—and the geographical, historical, political, and economic context in which the event occurs. By adding a human filter to the machine, we have been able to reduce information noise to the minimum, as well as to dramatically increase the timeliness of reporting and the granularity.
One of the biggest challenges for companies is to keep track of all the threats, real or potential, that could affect their business continuity. The problem does not only lie in the variety of issues that need to be monitored e.g., man-made and natural disasters, political and regulatory changes, etc. but also in the velocity with which information is produced and shared. This problem goes hand in hand with the multiplication of unreliable sources and information—the so-called “fake news”—which requires additional time and effort to verify.
In this regard, the uptake of technologies like AI can be very helpful to make sense of all this, and to help companies be more efficient and proactive in dealing with threats. AI has the big advantage of performing time-consuming tasks in the blink of an eye, such as by filtering out all noisy information, classifying information by topic and location. Nevertheless, the future of threat intelligence will not be made by machines alone, rather by a close cooperation with humans and machines. There is still a significant part of the qualitative assessment to the threat intelligence process that cannot be automatized. Generally speaking, “security” is not just about the absence of threats, but also about the absence of threat perception, and perception is still something that AI is unable to grasp. Therefore, the only viable solution is to create the perfect symbiosis between humans and machines by assigning to each of them tasks that they can perform best. Part of our R&D efforts at Hozint is to identify the perfect balance between automation and human interaction by developing AI that can act as an extension of the human brain instead of its replacement.
Chivot: How is the information communicated to the users in the dashboard—how do they receive alerts, in what format are your insights shared with them, and what do they see?
Camilli: The user experience is very simple. You log in, set up your filters, and there you go! Having a user-friendly interface has been one of our competitive advantages. Once logged in, the user accesses an interactive map displaying the latest events that have occurred in the past 48 hours. A pulsing effect underneath a marker helps the users identify the very latest events and breaking news. On the left side, a sidebar provides the filtering options. Users can restrict their focus on a country or a specific location via the geofence feature. They can filter the topic, add keywords, impact, etc. The matching reports will be displayed on the dashboard and communicated to the users via browsers notifications, email alerts, or application programming interface (API). Last but not least, all the metadata extracted from the reports is transformed into interactive analytics, which helps users spot trends and perform quantitative analyses.
Chivot: What are some interesting insights or patterns that you generated with the data?
Camilli: Most of our clients are interested in two things: what is happening now, and what will be happening in the near future. If the first task is pretty straightforward, the second is definitely more challenging. “Knowing the future” is key for many companies operating in transport, logistics, and supply chain, but also for a wide range of actors who need a strict planning of their operations. By “knowing the future”, I do not mean that we have invented the crystal ball—that for sure would win the prize for the next big thing—but that we are able to spot some type of events such as protests, union strikes or service disruptions before they happen. This is done via a systematic monitoring of multiple, often heterogeneous, sources of information, where we look at future dates, as well as the intentions of the actors involved. In some circumstances, we are also able to predict the areas of possible military operations or security incidents by monitoring troops deployment or the presence of rebels and/or terrorists in the area e.g., via reports of arrest operations, seizure of weapons, etc.
Chivot: Can law enforcement and intelligence agencies use your tool effectively for protection, deterrence, and to counter attacks?
Camilli: Law enforcement and intelligence agencies could certainly benefit from our threat intelligence platform, although so far we have preferred to target Global Security Operations Centers (GSOC) in private companies. Over the past years, we have also worked for the Canadian Ministry of Foreign Affairs, which have used our service to protect their embassies and diplomatic corp, as well as to make their travel warning service more efficient.
What I see as a trend is that a growing number of public and private organizations will start using AI-based threat intelligence platforms as part of their crisis management activity.
Considering that this type of service relies heavily on open sources, there is not much of an issue of secrecy in intelligence sharing. Nevertheless, what I see as preventing the use of such platforms are regulations restricting access to open media. For instance, the GDPR has on the one hand brought value to people in terms of privacy, but on the other hand, it has made inaccessible open sources from outside Europe who do not comply with the GDPR—unless using a VPN of course.
Image credits: Friends of Europe