A few days ago, one of the thousands self-proclaimed experts on OSINT held a presentation in one of the capitals of Europe. A crowded audience of mid-level business executives hungrily listened to the "expert" at the podium. They all wanted to learn about what you can do with open source intelligence and also how the displayed skills could be used against their own companies. A great initiative for a knowledge seeking group of business professionals. But there were a few problems on the horizon.
· They probably bought all the nonsense that was presented, just because they did not understand that the presenter was spinning the old early 1990's wheel of OSINT concept with a few sprinkles of words like Cyber, Threat and Deep & Dark Web.
· They probably bought it because they did not do their due diligence on the presenter. They believed that it was an expert due to its non-verifiable background in one of the national intelligence agencies. The safest way to tell people that you are an expert without saying or proving anything is to claim” I can’t tell you because its classified”.
· The usual weapon, the poorly crafted power point pack, was filled with impressive buzzwords and acronyms that for a novice creates an aura of prestige and secrecy - ”Wow, this person really knows what he is talking about”. The truth is that the presenter never been active as an OSINT executive or worker. To chant "Yes Sir I can Google!" is not OSINT.
· OSINT was presented as ”an activity on the internet”. Sadly, this view of OSINT is also echoed at the national intelligence level around the world. Some nations now claim that OSINT = Web Intelligence. Clearly, adherents to other traditional collection disciplines such as HUMINT, SIGINT etc. are trying to diminish the value of OSINT.
The positive outcome of this poor presentation was that I realized that the Intelligence and also the corporate world still have a problem that is no different from what existed in the late 1980’s.
Firstly, Intelligence is a process and a product tailored to a specific requirement. One person’s intelligence product is another person’s data or information product. Regardless of what collection discipline that supplies the data and information, the process to create a tailored intelligence product is 99% of the time the same. And regardless of the origin of the source, an Intelligence product is useless if you don´t have a requirement or objective to make it actionable.
Secondly – if an intelligence product is based only on SigInt, HumInt, ImInt, OsInt etc. it is probably of lesser value than an all source intelligence product. Content with context is key. And maybe the key value added for Open Source Information is to provide context, sanity check, validation and a control function of the other collection disciplines. But the target is missed, if the disciplines are in locked Silos and a turf war legacy.
Thirdly, with regards to OSINT, I have seen many examples where nations tend to think in volume instead of quality with speed. I have seen too many examples of complex technology overload, information overload and fixation with traditional intelligence cycle processes. I have seen examples of recruiting that is fixed on titles, degrees and formal backgrounds instead of looking at qualities like creativity, curiosity and adaptability to constant change. Threat Intelligence & OSINT (if we want to keep that acronym) of today should equal dynamic methods and processes that should be reflected in sense making tools and frameworks. It is all about digital transformation. And digital transformation includes how non-digital sources (HUMINT, SIGINT, etc.) needs to be normalized and included in the information repository that the analyst accesses. The analysts need to change focus to actionable output and dynamic workflow. They need to adapt to methods and solutions that minimizes the output into just what is needed. The “learn to search on Google and then cut& paste” approach that the above-mentioned presenter boosted needs to be eradicated.
The end users (the clients) also need to be trained in how to make relevant and focused questions and understand what can be done using only Open Source Information and they need to understand that a response to a focused request that support a future action is Intelligence.
The whole community also need to be aware that the self-proclaimed experts will continue to proliferate in the Egocentric Era will live in. This is the biggest danger. Fake experts that search Fake news is not the best recipe for success.
So, let’s agree: Legal and Ethical AnyInt that supports your organization or business is what we all need.