Security by OSINT – A New Layer in Security Circles
By Nachum Shiloh
The geopolitical and social changes, as well as the technological innovations during the passing 20 years turned terrorism, organized crime, espionage, industrial espionage and other threats from local to global problems challenging most countries, on both governmental and corporate levels. Consequently, the security and HLS industries turned into a global and changing market which requires immediate and creative solutions.
Until recently, the security and HLS market focused mainly on physical solutions: security guards, security officers, all sorts of sophisticated cameras and surveillance equipment, barriers, gates, walls and fences. Except highly important and sensitive governmental agencies, other entities have not put efforts and resources in establishing an intelligence array that would support these security circles. For many entities, even for the biggest companies, this task was not feasible mainly because only the governments possessed the proper intelligence collection means.
Currently, the threats of terrorist attacks, crime and organized crime activity, sabotage acts performed by current and ex employees and other events like street demonstrations, rallies, public disorder and road blocks oblige many entities, especially commercial companies, to develop intelligence collection and analysis capabilities. Fortunately, now we have an effective intelligence tool, which enhances security - the Open-Source Intelligence (OSINT).
OSINT is not what it used to be. In the past, open-source information was either inaccessible or censored, but the development of the internet, the emergence of the virtual social networks and the evolution of internet applications which enable us to monitor these networks in real-time, changed the entire picture. Today, an effective utilization of the internet enables any company to obtain, with a minimal allocation of resources, quality and real-time intelligence which helps the company coping with strategic and tactical threats beginning from threats to the company and its executives and ending with problems in the vicinity of the company’s facilities like public events, street riots and demonstrations.
Despite its cost-effectiveness, operating a security layer based on OSINT still requires the company to involve OSINT professionals in the field of information collection, evaluation and analysis, who can apply their skills in the relevant languages. Yes, almost everyone has internet access, but only OSINT professionals can combine in real-time several OSINT capabilities and produce the specific alerts needed for securing infrastructures, facilities and VIPs. Only an OSINT professional is capable of integrating the data and information extracted from social networks with press reports, video clips, databases and visual information and to provide his clients with quality and real-time intelligence.
Using OSINT as an additional security layer is crucial in the MENA region and in other unstable regions in the world like Latin America, Sub Saharan Africa, Central Asia, Southeast Asia and the Far East. Developing business activity in these regions opens many great opportunities to companies, but at the same time it requires these companies to operate an intelligence infrastructure which includes OSINT professionals. Furthermore, in countries in which there is no freedom of information, OSINT professionals will use their unique skills to bypass this problem and to find deep in the net the information required by the company to assess the threats and to perform the proper background checks about its current and future employees.
Enhancing security by OSINT is applicable and recommended all over the world, and not only in the MENA region. The hostage taking event which occurred in Sidney Australia on 16 December 2014 proves it beyond any doubt. In the week before this event, the assailant, Man Haron Monis, posted in his Facebook and Twitter accounts, as well as in his personal website, several posts suggesting that he was planning to do something against Australia or against Australian citizens. By using the unique and free internet applications, an OSINT professional who knows how to monitor the social networks in real-time, could have used such skills to track these posts and to provide the proper alert to law enforcement agencies.
To sum up, OSINT became an important component of the security circle in any level. OSINT does not replace the other components in these circles but comes to enrich and fortify them. By allocating minimal, sometime negligible resources in OSINT collection and analysis, a company can upgrade and enhance significantly its intelligence capabilities and to cope more efficiently with the threats facing its employees, executives, facilities and activities.