Fred Burton, Forbes Councils Member
Forbes Technology Council | COUNCIL POST | Membership (fee-based)
Jun 7, 2022, 09:00am EDT
New York Times best-selling author, former special agent and security expert who helms the Ontic Center for Protective Intelligence.
The war in Ukraine may be the most documented conflict in human history. On social media, we can watch in near real time as military units prepare for battle. A few hours later, we see the aftermath.
Images are being posted and recirculated by an online community of open-source intelligence professionals and enthusiasts. The more analytically rigorous among them may have military, intelligence agency, IT and think tank backgrounds where they learned the skills and abilities that inform their analyses, providing in-depth explanations of battlefield successes and failures to anyone with an internet connection. Information and intelligence that was once available only to governments and intelligence services can now be seen and understood by anyone.
According to the Office of the U.S. Director of National Intelligence, open-source intelligence, also known as OSINT, is defined as “publicly available information appearing in print or electronic form including radio, television, newspapers, journals, the Internet, commercial databases, and videos, graphics, and drawings.” Typically, OSINT doesn’t include any information obtained using clandestine means, making it available to anyone with the ability to uncover it or pay for it.
As a former counter-terrorism agent and executive protection professional, I’ve used open-source intelligence extensively to understand my operating environment and maintain situational awareness, as have protective intelligence teams around the world. But the scope and scale of the OSINT we’re seeing in Ukraine demonstrate how much these capabilities have improved in recent years and how widely available the information has become.
For casual observers not involved in security operations, these developments may mark the first time they’ve seen OSINT used in practice. They demonstrate the incredible value—and risks—of freely available information. But the mainstreaming of OSINT also marks an opportunity for security professionals whose domains have expanded beyond “guns and gates” to include areas like supply chain risk, social unrest, labor shortages, pandemic monitoring and travel security. OSINT’s prevalence in our lives and this wider spread of awareness can make it both a topic and a bridge for engaging colleagues across the organization—and for proving and enhancing the value security teams provide businesses.
First, we have the lightbulb moment. The growing societal awareness of the types of OSINT that are available and their value is an opportunity for a companywide discussion of what data and intelligence the organization might need, the best ways to find that data and how the analysis of that data could be leveraged to help other departments understand and mitigate organizational risk. This is especially true for business functions that focus on specific geographic locations, like logistics, travel security and strategic planning, or those that may deal with specific individuals, like HR, legal and mergers and acquisitions teams. Because the security team is likely already using OSINT as part of their operations, they’re often uniquely placed to understand where the most valuable OSINT can be found, how it can be used and potential pitfalls to avoid.
Second, OSINT can only help your organization if you’re able to identify and integrate the critical insights without getting stuck in information overload. The amount of OSINT available is staggering, but without a plan to analyze and integrate that information, your company will be drinking from a firehose of information. The growing usefulness of OSINT creates an invitation for collaboration between multiple business units to find ways to integrate their data within shared platforms and tools, finding the most useful data in proprietary and open sources to create a more comprehensive picture of the situation. The collaboration between units like HR, risk management, legal and security can decrease resource redundancy while real-time information is made available to the appropriate stakeholders.
Overlaying your internal datasets with OSINT material could yield positive results in many areas. For example, watching the war in Ukraine, it’s not uncommon for online sleuths to match an infrared picture from drone footage posted online to Google Maps data, giving clues about where operations are taking place. In companies, security teams may be able to extract metadata from social media posts to identify the locations of threat actors. In certain situations, this type of information could be integrated into travel and route planning for key executives.
Third, security teams can help the organization understand and communicate the risks and challenges that are present with open-source data. Security teams are often trained to analyze data to spot a wide variety of potential problems in different types of information. For example, information produced by certain outlets may contain biases based on the outlets’ ownership, which could make their conclusions less reliable. Advanced analysis of images and videos may reveal where or how they were created. It’s not enough to merely find OSINT—the data must be evaluated and analyzed in an attempt to ensure its accuracy and reliability and to determine if it’s also actionable.
Security teams are also uniquely placed to help companies understand the risks posed by publicly available corporate information. Employee information available online, either intentionally or accidentally, can be used to concoct social engineering schemes that could be the first step in a cyberattack. Maps of corporate facilities, building plans and photos taken inside facilities could be used to facilitate pre-operational surveillance in preparation for a physical attack. Members of the security team can help the organization see OSINT about the company through the eyes of an attacker and work to create ways to mitigate threats that the OSINT might create.
For some, OSINT is merely a curiosity. Harnessing the value of OSINT for your company and mitigating its risks are complex undertakings, but the mainstreaming of OSINT can provide your organization with a new way of looking at your operations and understanding risks.