What is strategic early warning and why is it important?

One of the challenges in business is the need to deal with threats, which can arise from competitors, market shocks, natural disasters, political decisions, criminals and a host of other sources. A form of intelligence, strategic early warning (also known as ‘strategic indications and warning’) involves identifying and forecasting emerging threats, with the overarching objective being to avoid surprise (Clark, 2017). Simplistically, threats have two velocities, or the speed with which they materialise into risk events:

• Slow velocity – risk events that happen slowly, often comprised of multiple discreet events which might be immaterial when they occur individually, but which together have a typically disproportionate and material impact.
• Fast velocity – risk events that happen very quickly when triggered, with minimal to no warning, making them hard to identify and mitigate.

Generally, a fast velocity risk event happens so quickly that the value of strategic early warning is limited, potentially gaining seconds or minutes warning as opposed to hours, days, weeks or even months. In constrast, slow velocity risk events can appear as random or discreet events which creep up slowly over time. However, these discreet events do leave a trail in the form of indicators and can be identified with the right tools.

To be effective against slow velocity risk events, particularly those external to your organisation, requires tools capable of continuously monitoring your operating environment and being finely tuned to detect the subtle changes (signals) in your operating environment which comprise these multiple discreet events. As Aesop reminds us, all too often we are so busy with day to day distractions that we miss these subtle underlying signs which could otherwise tip us off that something big is coming until it’s too late.

Those who cry the loudest are not always the ones who are hurt the most

AESop, Ancient Greece

One of the most powerful tools for strategic early warning, known as ‘indicators and warnings‘ (I&W) in the intelligence community, is explored in this article. However, in order to appreciate why this is important we need to understand a concept called decision quality.

How does strategic early warning contribute to decision quality?

Some years ago I took courses in the Stanford University Strategic Decision and Risk Management Certificate Program, where I learned about the concept of decision quality and what actually makes a really good decision. As someone who has done a lot of work throughout my career in security, intelligence and resilience, I found this insightful as it provided a foundation for grasping how strategic intelligence capabilities (such as strategic early warning) need to be designed to enable high quality decisions by decision makers (as customers of that information).

To illustrate, according to Parsons (2016) there are seven main elements to a ‘high quality‘ decision, being:

• An appropriate decision frame
• Create alternatives to choose from
• Good information
• Clear values to adhere to and objectives you are trying to accomplish
• Clear tradeoffs and sound reasoning
• Decision choice alignment with values and reasoning
• Commited implementation

Strategic Early Warning really contributes to the first three elements in that it provides timely, relevant and actionable insights as early as possible. Earlier, better decision framing and identification of alternatives, supported by information which has the trust or confidence of decision makers, contributes to better strategic outcomes.

Benefits of using Strategic early warning tools in your business

A properly designed and implemented strategic early warning program can help identify, monitor and effectively respond to medium-long term ‘over the horizon’ threats as early as possible, including those which are external in nature. Objectives of strategic early warning programs in business typically include:

• Providing early notice of a potential risk event – facilitates an early response (assuming business has a mature incident response and / or crisis management capability), typically resulting in a lower business impact (e.g. less disruption, financial loss, or reputation damage).
  • The aspirational state is being predictive: identifying that a risk event is likely to happen with a high degree of confidence, and swiftly responding to manage potential outcomes.
  • Early responses provide opportunities to mitigate downside risks and exploit upside opportunities, and get a jump on competitors
• Improved foresight and better decision quality – strategic early warning reduces the need to make decisions under pressure and provides more time to devise an appropriate response.
• Providing timely, actionable insights – with the exception of actions like learning more about an adversary, intelligence is generally considered pointless if it is not relevant to a decision at hand, timely in that insights are developed in time to make a decision, and accurate.

Strategic early warning methods are ideal for providing insights into macro factors, such as how your business’ operating environment is changing, market factors, and strategic drivers impacting competitors. Strategic early warning tools allow decision makers to develop and monitor scenarios before and as they develop, leading to strategic and competitive advantage.

Building an early warning threat detection capability in six steps

There is an extensive body of knowledge globally around how to build an early warning threat detection capability in practice: Intelligence Officer’s have been developing and applying this tradecraft for decades (see Grabo, 2002). When developing these capabilties to detect emerging threat activity (such as the presence of organised fraud syndicates in a market), I apply a six-step process similar to that used to develop Key Risk Indicators, except these early warning capabilities consume external data, as follows:

Step 1 – Identify and build threat scenarios: Preparing threat assessments are a core competency for any intelligence professional. Whilst not covered in detail here, the outcome of the threat assessment is used to inform the design of scenarios for monitoring (see Heuer & Pherson, 2011).

Step 2 – Identify indicators for each scenario: Try to identify indicators (say 3-5) that are independent of each other and representative of a scenario occurring (i.e. they are highly correlated). Indicators that are ambiguous or which apply to multiple scenarios should be discarded. Various intelligence analysis methods (not explored here) can be applied to draw out the underlying mechanics of each scenario (see Heuer & Pherson, 2011).

Step 3 – Classify indicators as leading or lagging: Receiving intelligence on a risk event after that event has happened is often deemed an ‘intelligence failure’, so your focus is on leading indicators. If all your indicators are lagging, repeat Step 2.

Step 4 – Identify data sources for each indicator: Having identified leading indicators, determine where you will source the underlying information and obtain it. When looking at sources, apply the Admiralty Scale and consider source reliability and assessed level of confidence in the information.

Step 5 – Define normal (expected range) and elevated thresholds for your indicators: Identify what is normal for a given indicator in the region concerned, and therefore what you need to worry about. I use three categories of indicator:

• Expected value (baseline): represents what is ‘normal’ for the specific indicator in its context
• Trend: the purpose of this value is to tell you the incidence of something is increasing or decreasing over time and may involve use of professional judgement or hypotheses.
• Threshold value: this represents a red line, the point at which you know (or hypothesise) that you have a real problem. Anything above this point effectively is used within your organisation to mean the likelihood of a risk event occurring is high, triggering your incident response or crisis management process.

Step 6 – Monitor indicators and escalate as appropriate: whilst there is work involved in setting up and collacting the data, this process is is made easier with software such as Tableau or Microsoft PowerBI which have the capability to integrate multiple data feeds from different sources into the one dashboard.

An example of what these capabilities look like in practice is illustrated in the following figure, which uses terrorist diversion in an NGO humanitarian aid as the context:

Moving towards ‘Continuous Monitoring’ of the strategic operating environment

Depending on your organisation, you may be exposed to dozens of potential scenarios, each of which could emerge to shape your business in a number of different ways (see Heuer & Pherson, 2011). In an ideal state, businesses will continuously monitor and evaluate (assess) how threats are emerging in relation to markets, competitors or supply chains.

A capability such as this requires scaling up the data collection, processing and analysis steps across material scenarios. Typically this involves building a common repository which can be easily monitored, assessed, and where appropriate responded to, by risk, compliance or operational teams using appropriate software tools.

Implementing appropriate business processes to support the teams managing this capability day to day is also essential – all too often when building capabilities we focus on the technology and forget the people, process and change elements which are just as critical.

In practice, automating data collection, saving this data to a database, then visualising the data through a dashboard tool like Tableau or Microsoft PowerBI will get many organisations to a high level of capability maturity quite quickly.

Further Reading

• Clark, R. M. (2017). Intelligence Analysis: A target-centric approach, 6th Edition, CQ Press SAGE Publications, California.
• Grabo, C. (2002). Anticipating Surprise: Analysis for Strategic Warning, National Intelligence University, https://www.ni-u.edu/ni_press/pdf/Anticipating_Surprise_Analysis.pdf
• Heuer, R. J., and Pherson, R. H. (2011). Structured analytics techniques for intelligence analysis, CQ Press, Washington D.C.
• Microsoft (2022). PowerBI, https://powerbi.microsoft.com/en-au/
• Parsons, J. (2016). Seven Characteristics of a Good Decision, Cornhusker Economics, December 21, 2016, University of Nebraska-Lincoln. https://agecon.unl.edu/cornhusker-economics/2016/seven-characteristics-good-decision
• Schwartz P. (1998). The art of the long view: planning for the future in an uncertain world. Doubleday, New York.
• Shell International BV (2008). Scenarios: An explorer’s guide, Exploring the Future, The Netherlands, https://www.shell.com/
• Stanford University (2022) Strategic Decision and Risk Management, https://online.stanford.edu/strategic-decision-and-risk-management
• Tableau (2022). Tableau – https://www.tableau.com/

DISCLAIMER: All information presented on PaulCurwell.com is intended for general information purposes only. The content of PaulCurwell.com should not be considered legal or any other form of advice or opinion on any specific facts or circumstances. Readers should consult their own advisers experts or lawyers on any specific questions they may have. Any reliance placed upon PaulCurwell.com is strictly at the reader’s own risk. The views expressed by the authors are entirely their own and do not represent the views of, nor are they endorsed by, their respective employers. Refer here for full disclaimer.