Twitter has added the ability to track keywords. Now whenever someone sends a public update containing your word or phrase of interest you’ll receive a copy of the update. How is this useful for NGO security officers? I’m currently tracking several towns in trouble areas, Tsunami, and a variety of other keywords. You’re only limited by your creativity. One word or warning though: you’ll get ALL public updates with the search term, even ones in languages you don’t speak.

I've also finally added the solution to our geographic distribution analysis problem.

Tags: NGO Security, Tools, Twitter, Analysis

As Paul pointed out it would be beneficial to compare our office location (the blue square) with the IED incidents. We’ve also added military installations (the green squares) and the primary military convoy routes (marked in orange dashes) as these are likely targets.



A search for more information reveals the following:

You have two small low-key programs operating in town.
The bulk of programming takes place in other areas of the country but staff travelling to the field offices are forced to take one of the major roads.
The main road to the east is the only viable route to access offices in the east.
Local staff travel back and forth to work by public transport or personal vehicles using all the main roads.
International staff travel to and from work in agency vehicles.
The first military convoys of the day are usually between 0600 and 0900.

Tags: Analysis, Maps

Geographic distribution analysis is a method of examining the occurrence of security incidents or the distribution of entities over a particular geographic area to determine what can be concluded about the incidents or entities. The analysis is usually performed on a map but the final results can also be expressed in a descriptive manner, as in a written report.

To complete a distribution analysis, data on the locations of violent incidents, entities of interest, etc. should be collected and plotted on a map that covers the area in question. Next the map is reviewed to produce a summary and to draw conclusions about what it might mean.

At its simplest geographic distribution analysis might only represent one dataset e.g. a plot of violent incidents on a city map. While this can be useful in itself, as a weekly briefing update perhaps, we can delve much deeper by synthesizing two or more datasets on the same map. We could compare a plot of violent incidents and criminal activities against a plot of proposed office and residence locations. As another example we could compare the locations of narcotic growing areas and smuggling routes with an overlay of violent incidents targeting NGOs.

To illustrate lets look back at our previous problem. As you’ll recall we did a time series analysis of a series of IED attacks. Although we were able to make some basic and tentative conclusions we knew we needed to do further analysis and geographic distribution is a good next step.

After plotting the IED incidents you come up with a map that looks like this.



What are your conclusions now? Would you change or amplify your advice?

Tags: Analysis, Maps

Earlier in Analysis 101: Time Series Analysis I introduced an analytical problem and asked a few questions. You can find some possible answers here. CtJ also has some hypotheses that might serve as a good starting point for further analysis.

Tags: Analysis

Old School

To do basic time series analysis all you really need is graph paper and a pen or pencil. The down side is that this method is very labour intensive and as the dataset becomes larger most of us can’t cope.

Middle of the Road

The next step up is to use something like Excel. There are some useful free or low cost tools that can simplify time series analysis. In a previous post we saw how to use Excel to do some simple analysis. The sample templates we used are located here.

I’ve developed a Cumulative Security Incident workbook that I use to track longer-term trends. It is available on the downloads page. It’ll produce charts like this one.



Vertex 42 has a free Excel template that can help you create simple timelines. While it might seem to be better suited to presenting a final analytical product it can also be used in the analytical process. Back in the days of the First Gulf War I used a timeline similar to this in an effort to gain a better understanding of Saddam Hussain.. Above the line I plotted significant events in Saddam Hussain’s personal life. Below the line I plotted significant historical impacting Iraq. The exercise proved very revealing and shed light on the man behind the myth.



Some people use Gantt Chart software to do time series analysis but I find it awkward and time consuming.

Bleeding edge

If you are going to do a lot of time series analysis or if you need to analyse large quantities of data you should probably consider a product like Analyst’s Notebook by i2. It can handle a time series of several thousand incidents with relative ease. It is also beneficial in many other types of analysis so you’ll probably here me refer to it again. Be warned though, it is expensive.

Tags: Analysis, Software, Tools

A time series analysis is a security analysis technique that is used to examine the occurrence of similar security incidents over time. In this case time refers not only to time of day but also day of the week and the day of the month. Longer-term analysis can also include month and season.

By way of example let us imagine that during the past month there have been twelve Improvised Explosive Device attacks in the district where your organization is working. The attacks have occurred at ten separate locations. Victims have included soldiers, police officers, and civilians alike. The only apparent pattern seems to be that the attacks have all taken place on or near main roads. To make matters worse your country director wants to be briefed in four hours.

To aid your analysis we will make a quick Excel chart with the time of day on one axis and the incidents on the other. For each incident we put an X the the row that represents the time of day that the IED attack occurred. The chart should look something like this one.



Examining the chart we see that most of the incidents have occurred between 0600 and 0900. Of these half occurred between 0800 and 0900. We'll highlight these incidents in blue to remind us that they seem to be part of a grouping. There are also four incidents that don't fit the general pattern. We've marked these in red.

With the information you have now what assessment can be made? What would you advise the country director?

Lets take it one step further and make a new chart that plots the incidents against the day of the week.



At first glance there doesn’t seem to be much of a pattern here but on closer examination you'll notice that all of the ‘red’ events that were highlighted earlier fall on a Friday except for one that occurred early on Saturday morning. The remaining events all occurred on weekdays (Friday and Saturday are considered the weekend where you are working).

What does this new information suggest to you? What can you tell the country director? What recommendations can you make? What additional information do you need to seek out? What additional analysis can you do?

Tags: Analysis

There is a real gap in the availability of good analytical training and resources for NGO security officers. Most NGO security manuals introduce the topic by stressing the importance of good analysis and an understanding of the local context. They might then go on to briefly cover actor mapping, and if we are lucky incident plotting. Beyond that the reader is left to his or her own devices.

Admittedly there have been a number of recent analytical studies that examine the patterns of violence against NGOs. These studies come replete with multiple regression analysis and complex equations like this one; "Sec100k = -1.384 + 1.691*BorderPak + -0.00011*Poppy + 0.036*Homeradio". I’m sure these studies are useful for developing policy and keeping underemployed academics out of the soup lines. However, they are unlikely to provide much solace when the country director wants to know how he can safely keep program running despite the recent spate of IED attacks.

In order to try and address these shortcomings I am opening the conversation on security analysis for NGOs. We’ll start with simple, robust, and inexpensive tools and techniques that can be used anywhere under any conditions. We’ll also examine more advanced tools that take advantage of the latest in ICT.

Anyone who wants to share tips and techniques should feel free to do so. It doesn’t matter to me whether you do your analysis on the back of an empty cigarette package under a sputtering lantern or on the latest networked GIS platform in a brightly light office. The goal is to identify and share best practices and to encourage the development of new tools and techniques.

I'll post the first technique shortly.

Tags: Analysis, NGO Security

Online research can be a great tool but as anyone who has used Google can attest there is a lot of information out there and most search tools just dump out an endless list of links. Sorting through it, discarding the irrelevant, and putting the remainder into some usable form is a task left to the user. Any tool that allows the already busy Security Officer to spend less time searching for information and more time assessing and analysing it is of value. Silobreaker is one of these tools. In the words of Silobreaker, "Silobreaker looks at the data it finds like a person does. It recognises things - companies, people, topics, places - and puts them in context".

While I was testing the public Beta I quickly discovered its utility. A basic search for the term 'suicide bomber' brought up the type of content you might expect but with some preliminary organization. There was a top stories pane, a search result timeline frame, an entity list, a "Quotes" pane, a more traditional search results list and a network visualization diagram. The sidebar also has a list of entities related to your search; cities, people, companies etc.

Since I'm currently in Sri Lanka I "drilled down", as Silobreaker calls it, to Sri Lanka. The result were now much more relevant and lo and behold there were items of interest and relationship that hadn't captured my attention before.

As one would expect with a Beta there is still some work to be done. Even on my relatively fast connection the site seemed slow at times. One very useful feature that counters the sluggishness is the liberal use of hover overs allowing a quick preview of content before you commit to clicking on a link or entity.

Silobreaker is currently allowing free public access to its online Beta. I recommend you give it a try and see if it meets your needs.

Tags: Analysis, Silobreaker, online tools, News