Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
ManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & Training

The cult of the search in open-source intelligence

By Daniil Davydoff
data intelligence
November 24, 2020

Open-source intelligence (OSINT) is having a moment. Just a few years ago, presentations on OSINT began with a quote from one of a few different senior intelligence community officials who reportedly said that somewhere between 80-90% of valuable information comes from public sources. Many presentations today start similarly, but OSINT no longer needs the validation of government greats. Films like Searching and Don’t f**ck with Cats have introduced the discipline to a wider audience, organizations such as Trace Labs host popular OSINT competitions for the common good, and the investigators associated with the website Bellingcat are now media fixtures.

These developments are welcome news but have created a somewhat misleading perception of OSINT as a field primarily for technically advanced investigators who use sophisticated techniques and programs to doggedly hunt down the proverbial “needle in a haystack” of information. The reality is that most OSINT work in the corporate security environment is more akin to wading through piles of gems and the greater challenge for intelligence analysts is typically deciding how to arrange these gems into a coherent narrative.

One reason for this is the need for speed. Anyone who has worked in corporate intelligence is probably familiar with competing deadlines, short-term requests, and crisis situations that constantly require re-evaluation of intelligence priorities. This problem is especially serious for “one-man shops”— of which there are many — and for analysts with responsibilities for both investigative and global risk analysis. It is even more severe for companies that do not have dedicated analysts at all. During a recent intelligence training, an investigator responsible for following up on countless workplace incidents asked, fairly, how someone in his position could be expected to keep up with the OSINT field amidst his other duties. All in all, the rapid-fire pace of a corporate security or consulting environment prevents most OSINT tasks from looking like the drawn-out affairs highlighted in crime documentaries or Bellingcat’s inquiries into geopolitical incidents.

Standardizing and formalizing information collection also lessens the need for the most technical kinds of OSINT in an established intelligence program. A quick search of well-known investigative databases fills in the gap on much of the needed personally identifying information and in some cases criminal records (at least within the U.S.). Pre-established lists of sites can help analysts quickly go to reliable data sources for intelligence. And paid platforms such as ONTIC, Scopenow, LifeRaft Navigator, Echosec and others connect the dots on social media identities and assist in monitoring.

Whether intelligence is handed to the analyst on a plate — as in the scenarios above — or original research needs to be conducted, it is often the case that there is too much information to digest rather than not enough to find. It is at that point that the critical skills of interpretation and concise writing or presentation take over. Finding the Facebook profile of a subject in a workplace violence case does not do much if an analyst cannot explain how dozens of posts or photos offer insight into the behavior of a person of concern. Similarly, it is not enough to find incidents of crimes or terrorism in a foreign travel location. The analyst must, additionally, weave together a story that helps a security manager making decisions on executive protection or facility security.

Do not get me wrong – creativity and OSINT study are required of practitioners. There is no greater satisfaction than finding a foreign-language PDF file that provides color on a question that would otherwise be answered only through interviews with locals. Neither is there anything more important than semi-purposefully stumbling into an obscure blog that maps out the ideology of a threat actor. Yet the daily life of an OSINT specialist is more about trudging along than sensational finds. As a corollary, hiring managers should be seeking reliable analysts rather than OSINT superstars. Let us not worship the digging too much.

KEYWORDS: enterprise security intelligence sharing open source security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Dan davydoff   pic1

Daniil Davydoff, CPP, is Director, Research Management and Operations at Eurasia Group and director of social media for the World Affairs Council of Palm Beach. He has been published by ASIS International/Security Management, Risk Management Magazine, The National Interest, The Carnegie Council for Ethics in International Affairs, Foreign Policy and RealClearWorld, among other outlets. His views do not reflect those of his company.

Daniil Davydoff can be contacted on LinkedIn or at davydoff@eurasiagroup.net

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • The Benefits of Integrating Intelligence and Investigative Analysis - Security Magazine

    The Benefits of Integrating Intelligence and Investigative Analysis

    See More
  • Police cop

    Cells and the City: A Conversation with the Deputy Director for Intelligence Analysis, NYPD

    See More
  • global-enews

    Why Your Next Intelligence Analyst Should Be a Workplace Violence Analyst

    See More

Related Products

See More Products
  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products

Events

View AllSubmit An Event
  • April 23, 2025

    Employee Perceptions of Workplace Safety in 2025

    ON DEMAND: Workplace safety continues to be a critical concern in 2025, with employees across industries expressing growing concerns about their safety at work.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing