How OSINT is valuable to threat monitoring and investigations

Companies can use OSINT to protect their employees, monitor for threats and remain agile.

In brief

• In brief 
• Connectivity has increased organizational risks.
• There is likely no reverse to the digitization of society, and OSINT is now the intelligence discipline of first resort.

Companies can leverage open‑source intelligence (OSINT) to drive and inform decisions, protect their employees, monitor for threats and remain agile in today’s increasingly complex world. It is critical organizations maintain a broad perspective on the current and future state of OSINT, along with its risks and opportunities, to help avoid surprise and respond quickly to crises.

The evolution of OSINT

Historically, government intelligence agencies dominated the intelligence space. They focused on traditional human intelligence, commonly referred to as HUMINT. With the space age came increasing use of signals intelligence and other technical collection. However, the intelligence environment has dramatically changed over the past decade. One key driver of that change is technology and the growing volume of online data. The emergence of big data and associated data analytics which public and private sector teams can exploit has made traditional HUMINT collection very challenging. In practical terms, there are very few places left to hide. This new technology and surveillance-heavy environment is known as ubiquitous technical surveillance, or UTS. From smart phones to smart cities and the Metaverse, to banking and e-commerce, to social media platforms, technical surveillance is everywhere. There is likely no reverse to the digitization of society and this is why OSINT is now the intelligence discipline of first resort.

Developing an OSINT framework

To optimize their effectiveness, intelligence and risk analysts must understand a proper OSINT framework. First steps include asking:

1. What are my greatest internal and external organizational risks?
2. What critical data is associated with our greatest risks?
3. Is there a process to regularly review that data and assess risks?
4. Have we defined a threat/risk lexicon? Have we considered privacy concerns?
5. Can we validate key data and information streams?

These questions will help define what OSINT tools are best suited to your organization, how you develop your analytic tradecraft, and the training requirements needed for your intelligence, risk and security teams.

If organizations develop a mature threat lexicon and associated validation process, they will be more effective in distilling and contextualizing information for decision making.

A changing OSINT landscape

The rise of ChatGPT and other artificial intelligence (AI) tools now makes the OSINT environment even more challenging due to synthetic content, deep fakes and the proliferation of misleading and often false information.

To overcome the growing challenge of synthetic content, an OSINT framework should also include key private and public sector partnerships. This helps bridge any potential knowledge gaps and allows for more transparency. No government and no organization can singlehandedly overcome the risks from “fake” and “real” content. Sharing across industry ecosystems and with appropriate government organizations will help mitigate these risks.

Christine St Pierre also contributed to this article.