Contact us

Horizontal Scanning as Strategic Insurance

Categories:

Horizontal scanning means systematically looking widely – across time, across regions of the world, and across the digital domain – instead of only watching the threats already on your list. It is not a substitute for focus. It is what allows us to move our focus to the right place when the world changes. Strategic surprises and so-called black swan events may come from corners of the picture where no one was looking.

The Common Objection and the Answer

A frequent objection is that scanning broadly spreads analysts too thin and pulls attention away from the most important threats. The opposite may be closer to the truth. The hardest analytical work is at the edges of our attention, because there is less data and more room for bias. Britain’s horizon-scanning units are reported to have shown that combining academic research, media, and industry reporting gives governments an early-warning system that narrow desk analysis cannot match. Non-traditional sources may expose problems that formal research misses.

Scanning therefore needs to be horizontal in three directions at the same time:

  • In time – from weak signals visible today to long-term shifts in demography and technology
  • In space – geographically beyond the immediate threat picture, since cascading effects from places like the Red Sea, the Taiwan Strait or the Sahel may reach the Baltic indirectly
  • Virtually – across cyber, space, the information environment and supply chains, including activities that sit “below the threshold of war”.

The Linkage Argument: Distant Causes, Local Effects

There is a further argument worth adding. When analysts try to draw connections between different factors, the natural instinct is to look only at things close in time, in geography, and in past experience – essentially what previous strategy papers and scenarios already covered. But in a globalised world of information, services, goods and people, factors that look distant can turn out to belong inside the explanation, or even on the list of necessary conditions for reaching a given goal. With too narrow a search field, that dimension is easily lost.

Take Iran and Ukraine. It is obvious that a war involving Iran affects the war in Ukraine – but how exactly? It is not a single arrow. It is a web of direct and indirect arrows: Iranian drone deliveries to Russia, oil-price feedback effects, the strain on sanctions enforcement, the redeployment of Russian air defences, and the diplomatic room available in the UN Security Council. The same applies to China and Russia: dual-use components, financial channels and diplomatic cover all matter, and they ripple onward into the Middle East and back into Europe. It is not at all obvious how to draw such a network of relations. This is where a continuous, broad horizontal scan becomes indispensable. Such an exercise would have been impossible before AI. With today’s tools – large language models combined with graph-based reasoning – it can now be done more or less automatically, and it can suggest causal links between distant nodes that traditional analysis would never have connected.

A few abbreviations used below, explained for clarity:

  • OSINT – Open Source Intelligence: information drawn from publicly available sources
  • AI – Artificial Intelligence
  • LLM – Large Language Model: the type of AI that powers tools like ChatGPT
  • WMD – Weapons of Mass Destruction
  • SBOM – Software Bill of Materials: an inventory of all components inside a piece of software
  • EU – European Union

Cases Where Inattention Have Cost Far More Than Prevention Would Have

EventWhat was missedCost vs. cost of prevention
COVID-19 (2020)Early warnings existed but were not acted on; the intelligence community was not positioned to issue themTrillions of dollars in lost economic output versus a budget for proper pandemic surveillance
9/11 and Pearl HarborLong-term strategic warnings were plentiful, but tactical warning of the actual attack came too lateMajor wars and reconstruction costs versus a modest reallocation of analysts and a system to act upon intelligence
Log4j software vulnerability (2021)A flaw was buried under many layers of other software, and is expected to take years to clean up fullyBillions in losses versus the cost of mapping software dependencies in advance
Iraq weapons of mass destruction (2002)A national assessment made several wrong judgements that were then used to justify the interventionA strategic catastrophe rooted in confirmation bias
Below-threshold influence operationsRussian influence campaigns in Europe fell into a blind spot where legal frameworks restricted collectionErosion of democratic trust versus the cost of clearer mandates

A common pattern runs through these cases: there are often no historical precedents to model the worst scenarios, because they have never happened before. The absence of precedent is itself the strongest argument for scanning broadly.

A Hypothesis Database – Already Possible With Off-the-Shelf AI

Existing AI tools already make it realistic to build a living hypothesis database. Each hypothesis is constantly tested against new open-source information, re-weighted, and re-ranked. The reasoning is well established in the threat-hunting community: there are too many possible combinations to chase, so analysts must prioritise which hypotheses to test. The academic work on this topic stresses one decisive design principle: a piece of evidence is valuable if it could change the conclusion, not if it merely confirms it. Expected-utility methods can rank threats and counter-measures, while machine learning helps prioritise which signals an analyst should look at first. Human judgement, however, remains essential at every important step.

What “Value of Information” Should Include

To rank hypotheses by their information value for defence and security planning, the scoring should bring together at least the following elements:

  • Decision relevance – does the answer actually change a planned action, or is it merely “nice to know”
  • Diagnostic power – does the evidence clearly distinguish between competing hypotheses, instead of just reinforcing the leading one
  • Probability multiplied by consequence – the standard impact-and-likelihood matrix used in horizon-scanning practice
  • Time sensitivity – how quickly the value of the information decays; weak signals are worth most early
  • Irreversibility – whether failing to act leads to something that can still be repaired (a cable, a market) or to something permanent (escalation, loss of legitimacy)
  • Cascade potential – the chance that a single event triggers second- and third-order effects through critical dependencies, as with Log4j or maritime chokepoints
  • Collection and verification cost – how much effort is needed to obtain and confirm the information, weighed against the expected benefit
  • Bias-correcting potential – hypotheses whose outcome would challenge today’s consensus are scored higher, since they directly attack confirmation bias
  • Coverage of known blind spots – a deliberate bonus for hypotheses in below-threshold areas where normal collection is restricted
  • Uniqueness among allies – the extra value of a signal that no partner is already reporting
  • Distance-bridging linkage value – a bonus for evidence that establishes a causal connection between geographically or thematically distant nodes (Iran–Ukraine, China–Russia–Middle East–Europe), which a narrow search field would otherwise miss

What This Means for Sweden and Europe

The practical implication is that national and European security work should pair thematic depth – on subsea cables, critical minerals, energy resilience – with a continuous, AI-driven hypothesis database that forces analysts to keep re-evaluating even the hypotheses they had set aside, and to map the cross-theatre linkages that globalisation has made unavoidable. The marginal cost of building such a capability is trivial compared with the cost of a single missed strategic surprise of the size of COVID or Log4j. Forecasting research also shows that good judgement can be trained: by breaking problems into smaller pieces, separating what is known from what is not, and drawing on many different sources – which is exactly what a well-designed hypothesis database operationalises.

Lars-Erik Lundin

Explore more through categories:

Sign up for weekly updates:

By clicking submit, you agree to share your email address in order to receive marketing, updates, and other emails from Consilio International. You can unsubscribe at any time by using the link provided in the emails.

Work in progress…
DONE – SOON YOU WILL HAVE NEWS IN YOUR INBOX
more news
Our services
Contact us

Discover more from Consilio International AB

Subscribe now to keep reading and get access to the full archive.

Continue reading