From Fringe to Frontline: Building a Workflow for Narrative Threat Detection in InfoSec

Security teams are increasingly asked to respond to threats that don’t involve malware or credentials—but people, reputation, and trust. In this session, Sam Watson, Senior Product Manager at Logically, walks through how leading enterprises are building workflows that detect and respond to narrative-led threats such as executive impersonation, doxxing, coordinated boycotts, and activist targeting. Using real-world case studies—including a crisis during a Pride Month campaign and a coordinated response to a platform outage—this session shares practical techniques to help InfoSec leaders integrate narrative threat intelligence into their prevention and resilience strategies.

Key Takeaways:

1. What narrative-led threats look like in an InfoSec context—and how they escalate.
2. A sample workflow for identifying, triaging, and responding to reputational and personnel-targeted threats.
3. Real-world case studies showing how global brands navigated narrative pressure and activist backlash.
4. Tools and processes to help CISOs align early with legal, comms, and brand protection functions.
5. Why narrative intelligence should be treated as a strategic input in security planning—not open source noise.